Bug 155793 - $::FORM is not tainted under perl 5.6.1

r=myk, jouni
parent 3389d621
......@@ -92,34 +92,24 @@ sub url_quote {
}
sub ParseUrlString {
# We don't want to detaint the user supplied data...
use re 'taint';
my ($buffer, $f, $m) = (@_);
undef %$f;
undef %$m;
my %isnull;
my $remaining = $buffer;
while ($remaining ne "") {
my $item;
if ($remaining =~ /^([^&]*)&(.*)$/) {
$item = $1;
$remaining = $2;
} else {
$item = $remaining;
$remaining = "";
}
my $name;
my $value;
if ($item =~ /^([^=]*)=(.*)$/) {
$name = url_decode($1);
$value = url_decode($2);
} else {
$name = url_decode($item);
$value = "";
}
# We must make sure that the CGI params remain tainted.
# This means that if for some reason you want to make this code
# use a regexp and $1, $2, ... (or use a helper function which does so)
# you must |use re 'taint'| _and_ make sure that you don't run into
# http://bugs.perl.org/perlbug.cgi?req=bug_id&bug_id=20020704.001
my @args = split('&', $buffer);
foreach my $arg (@args) {
my ($name, $value) = split('=', $arg, 2);
$value = '' if not defined $value;
$name = url_decode($name);
$value = url_decode($value);
if ($value ne "") {
if (defined $f->{$name}) {
......
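Review bot: The new loop at `my @args = split('&', $buffer);` and `my ($name, $value) = split('=', $arg, 2);` keeps the CGI parameters tainted only as long as neither split() nor url_decode() routes the data through $1/$2, and nothing in the patch checks that property, so a later edit to url_decode() could silently reintroduce the bug this commit fixes. A small regression test run under `perl -T` that passes a tainted query string to ParseUrlString() and asserts `Scalar::Util::tainted($f->{name})` on a parsed value would pin the behaviour the commit message describes. The comment block above the split only says what a future regexp user must do; I would add why split() was chosen, e.g. `# split() does not set $1/$2, which is what strips taint unless |use re 'taint'| is in effect, so its results stay tainted.`. The body of ParseUrlString continues into the collapsed remainder of the hunk, so what happens to $f->{$name} after the visible `if (defined $f->{$name}) {` is not reviewed here.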