Contents of /devel/perl/25_fix_cgi_tempdir

Fix tainted usage of $ENV{TMPDIR} as an sprintf format in CGI.pm. (Closes: #494679)

[rt.perl.org #50322]
Bleadperl change 33143.

Note that the inconsistent usage of backslashes doesn't matter, as
the whole thing is eval'd in.
diff --git a/lib/CGI.pm b/lib/CGI.pm
index c0158cb..1bc74a3 100644
--- a/lib/CGI.pm
+++ b/lib/CGI.pm
@@ -4032,7 +4032,7 @@ sub new {
     my $filename;
     find_tempdir() unless -w $TMPDIRECTORY;
     for (my $i = 0; $i < $MAXTRIES; $i++) {
-	last if ! -f ($filename = sprintf("${TMPDIRECTORY}${SL}CGItemp%d",$sequence++));
+	last if ! -f ($filename = sprintf("\%s${SL}CGItemp%d",$TMPDIRECTORY,$sequence++));
     }
     # check that it is a more-or-less valid filename
     return unless $filename =~ m!^([a-zA-Z0-9_ \'\":/.\$\\-]+)$!;
1	Fix tainted usage of $ENV{TMPDIR} as an sprintf format in CGI.pm. (Closes: #494679)
2
3	[rt.perl.org #50322]
4	Bleadperl change 33143.
5
6	Note that the inconsistent usage of backslashes doesn't matter, as
7	the whole thing is eval'd in.
8	diff --git a/lib/CGI.pm b/lib/CGI.pm
9	index c0158cb..1bc74a3 100644
10	--- a/lib/CGI.pm
11	+++ b/lib/CGI.pm
12	@@ -4032,7 +4032,7 @@ sub new {
13	my $filename;
14	find_tempdir() unless -w $TMPDIRECTORY;
15	for (my $i = 0; $i < $MAXTRIES; $i++) {
16	- last if ! -f ($filename = sprintf("${TMPDIRECTORY}${SL}CGItemp%d",$sequence++));
17	+ last if ! -f ($filename = sprintf("\%s${SL}CGItemp%d",$TMPDIRECTORY,$sequence++));
18	}
19	# check that it is a more-or-less valid filename
20	return unless $filename =~ m!^([a-zA-Z0-9_ \'\":/.\$\\-]+)$!;
admin@fedoraproject.org	ViewVC Help
Powered by ViewVC 1.1.2