Item12395: insecure dependency in a couple of file operations
Priority: Normal
Current State: Closed
Released In: n/a
Target Release:
The store tries to use tainted strings in file operations in a couple of places.
A simple
save
throws errors opening or unlinking files, e.g. here:
--- lib/Foswiki/Store/PlainFile.pm (revision 16537)
+++ lib/Foswiki/Store/PlainFile.pm (working copy)
@@ -467,6 +467,9 @@
my $latest = _latestFile($meta);
my $hf = _historyFile( $meta, undef, $rn );
my $t = ( stat $latest )[9]; # SMELL: use TOPICINFO?
+
+$hf = Foswiki::Sandbox::untaintUnchecked($hf);
+
--
MichaelDaum - 19 Feb 2013
Wasted a lot of time running the (previously working)
VCStoreTests, only to find they have been recoded to be specific to the RCS store implementation
--
CrawfordCurrie - 28 Feb 2013