diff options
| author | vd <vd@FreeBSD.org> | 2006-01-26 18:34:42 +0800 |
|---|---|---|
| committer | vd <vd@FreeBSD.org> | 2006-01-26 18:34:42 +0800 |
| commit | 15deef1424b603b13b75222291c8bcad3c4de3f0 (patch) | |
| tree | a10c9837a1e8818c6c1b88236343173fe1870c54 /net | |
| parent | d1a77baa02772185d1f7a14f84621c0a92606f92 (diff) | |
| download | freebsd-ports-gnome-15deef1424b603b13b75222291c8bcad3c4de3f0.tar.gz freebsd-ports-gnome-15deef1424b603b13b75222291c8bcad3c4de3f0.tar.zst freebsd-ports-gnome-15deef1424b603b13b75222291c8bcad3c4de3f0.zip | |
Fix tainting and path manipulations
PR: ports/91872
Submitted by: Lupe Christoph <lupe@lupe-christoph.de>
Approved by: garga (mentor)
Diffstat (limited to 'net')
| -rw-r--r-- | net/p5-Net-Server/Makefile | 2 | ||||
| -rw-r--r-- | net/p5-Net-Server/files/patch-lib_Net_Server.pm | 20 |
2 files changed, 21 insertions, 1 deletions
diff --git a/net/p5-Net-Server/Makefile b/net/p5-Net-Server/Makefile index 56a6f7ec210c..53dc3b0d0e8c 100644 --- a/net/p5-Net-Server/Makefile +++ b/net/p5-Net-Server/Makefile @@ -7,7 +7,7 @@ PORTNAME= Net-Server PORTVERSION= 0.90 -PORTREVISION= 0 +PORTREVISION= 1 CATEGORIES= net perl5 MASTER_SITES= http://www.seamons.com/net_server/ \ ${MASTER_SITE_PERL_CPAN} diff --git a/net/p5-Net-Server/files/patch-lib_Net_Server.pm b/net/p5-Net-Server/files/patch-lib_Net_Server.pm new file mode 100644 index 000000000000..a115f0ceab5b --- /dev/null +++ b/net/p5-Net-Server/files/patch-lib_Net_Server.pm @@ -0,0 +1,20 @@ +--- lib/Net/Server.pm Mon Dec 5 22:13:04 2005 ++++ lib/Net/Server.pm Wed Jan 25 08:18:25 2006 +@@ -133,6 +133,7 @@ + ### see if we can find the full command line + if (open _CMDLINE, "/proc/$$/cmdline") { # unix specific + my $line = do { local $/ = undef; <_CMDLINE> }; ++ ($line) = $line =~ /^(.*)$/; # untaint + close _CMDLINE; + if ($line) { + return [split /\0/, $line]; +@@ -140,7 +141,8 @@ + } + + my $script = $0; +- $script = $ENV{'PWD'} .'/'. $script if $script =~ m|^\.+/| && $ENV{'PWD'}; # add absolute to relative ++ $script = $ENV{'PWD'} .'/'. $script if $script !~ m|^/| && $ENV{'PWD'}; # add absolute to relative ++ ($script) = $script =~ /^(.*)$/; # untaint + return [ $script, @ARGV ] + } + |