[Rt-commit] [svn] r1035 - rt/branches/rt-3.1/lib/RT
alexmv at pallas.eruditorum.org
alexmv at pallas.eruditorum.org
Tue Jun 8 16:27:04 EDT 2004
Author: alexmv
Date: Tue Jun 8 16:27:03 2004
New Revision: 1035
Modified:
rt/branches/rt-3.1/lib/RT/EmailParser.pm
Log:
RT-Ticket: 5712
RT-Action: correspond
* Fix =head1 NAME
* This _should_ fix the problems caused by running under taint mode,
but I have no way of testing this at present.
Modified: rt/branches/rt-3.1/lib/RT/EmailParser.pm
==============================================================================
--- rt/branches/rt-3.1/lib/RT/EmailParser.pm (original)
+++ rt/branches/rt-3.1/lib/RT/EmailParser.pm Tue Jun 8 16:27:03 2004
@@ -35,7 +35,8 @@
=head1 NAME
- RT::Interface::CLI - helper functions for creating a commandline RT interface
+ RT::EmailParser - helper functions for parsing parts from incoming
+ email messages
=head1 SYNOPSIS
@@ -182,8 +183,10 @@
print $fh $args{'Message'};
close($fh);
if ( -f $temp_file ) {
- $self->ParseMIMEEntityFromFile($temp_file, $args{'Decode'});
- unlink($temp_file );
+ # We have to trust the temp file's name -- untaint it
+ $temp_file =~ /(.*)/;
+ $self->ParseMIMEEntityFromFile($1, $args{'Decode'});
+ unlink($1);
}
} #If for some reason we weren't able to parse the message using a temp file # try it with a scalar
if ( !$self->Entity ) {
More information about the Rt-commit
mailing list