blob: 7b4323de177cde72df7daf79d3f61e2bd6349fe4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
Turning the wikilink regexp into an extended regexp on the svn trunk seems
to have broken the setuid wrapper on my system, because of two reasons:
First, the wrapper generator should turn each newline in $configstring into
`\n` in the C code rather than `\` followed by a newline in the C code.
Second, the untainting of $configstring should allow newlines.
> Both of these problems were already dealt with in commit r3714, on June
> 3rd. Confused why you're posting patches for them now. [[done]] --[[Joey]]
Modified: wiki-meta/perl/IkiWiki.pm
==============================================================================
--- wiki-meta/perl/IkiWiki.pm (original)
+++ wiki-meta/perl/IkiWiki.pm Mon Jun 11 10:52:07 2007
@@ -205,7 +205,7 @@
sub possibly_foolish_untaint ($) {
my $tainted=shift;
- my ($untainted)=$tainted=~/(.*)/;
+ my ($untainted)=$tainted=~/(.*)/s;
return $untainted;
}
Modified: wiki-meta/perl/IkiWiki/Wrapper.pm
==============================================================================
--- wiki-meta/perl/IkiWiki/Wrapper.pm (original)
+++ wiki-meta/perl/IkiWiki/Wrapper.pm Mon Jun 11 10:52:07 2007
@@ -62,7 +62,7 @@
}
$configstring=~s/\\/\\\\/g;
$configstring=~s/"/\\"/g;
- $configstring=~s/\n/\\\n/g;
+ $configstring=~s/\n/\\n/g;
#translators: The first parameter is a filename, and the second is
#translators: a (probably not translated) error message.
|