[rt-devel] mailgate taint fixes

Mon Apr 2 12:40:16 EDT 2001

fixes problems running the mailgate with taint mode on.

Index: ScripAction.pm
===================================================================
RCS file: /proj/maps/cvsroot/rt/lib/RT/ScripAction.pm,v
retrieving revision 1.1.2.2
retrieving revision 1.4
diff -u -b -r1.1.2.2 -r1.4

--- ScripAction.pm      2001/04/02 16:25:12     1.1.2.2
+++ ScripAction.pm      2001/03/20 09:13:39     1.4
@@ -113,7 +113,9 @@
                 @_ );
     
     #TODO: Put this in an eval  
-    my $type = "RT::Action::". $self->ExecModule;
+    $self->ExecModule =~ /^(\w+)$/
+      or die "illegal ExecModule: ". $self->ExecModule;
+    my $type = "RT::Action::$1";
     
     $RT::Logger->debug("now requiring $type\n"); 
     eval "require $type" || die "Require of $type failed.\n$@\n";
Index: ScripCondition.pm
===================================================================
RCS file: /proj/maps/cvsroot/rt/lib/RT/ScripCondition.pm,v
retrieving revision 1.1.2.2
retrieving revision 1.6
diff -u -b -r1.1.2.2 -r1.6
--- ScripCondition.pm   2001/04/02 16:25:12     1.1.2.2
+++ ScripCondition.pm   2001/03/20 09:13:39     1.6
@@ -121,7 +121,9 @@
                 @_ );
     
     #TODO: Put this in an eval  
-    my $type = "RT::Condition::". $self->ExecModule;
+    $self->ExecModule =~ /^(\w+)$/
+      or die "illegal ExecModule: ". $self->ExecModule;
+    my $type = "RT::Condition::$1";
     
     $RT::Logger->debug("now requiring $type\n"); 
     eval "require $type" || die "Require of $type failed.\n$@\n";


-- 
meow
_ivan


