[interchange-cvs] interchange - heins modified lib/Vend/Page.pm

interchange-cvs at icdevgroup.org interchange-cvs at icdevgroup.org
Sun Mar 28 15:34:35 EST 2004


User:      heins
Date:      2004-03-28 20:34:35 GMT
Modified:  lib/Vend Tag: STABLE_4_8-branch Page.pm
Log:
* Fix security hole where arbitrary variable contents can be displayed.

Revision  Changes    Path
No                   revision



No                   revision



2.0.2.6   +5 -4      interchange/lib/Vend/Page.pm


rev 2.0.2.6, prev_rev 2.0.2.5
Index: Page.pm
===================================================================
RCS file: /var/cvs/interchange/lib/Vend/Page.pm,v
retrieving revision 2.0.2.5
retrieving revision 2.0.2.6
diff -u -r2.0.2.5 -r2.0.2.6
--- Page.pm	26 Nov 2002 03:21:10 -0000	2.0.2.5
+++ Page.pm	28 Mar 2004 20:34:35 -0000	2.0.2.6
@@ -1,6 +1,6 @@
 # Vend::Page - Handle Interchange page routing
 # 
-# $Id: Page.pm,v 2.0.2.5 2002/11/26 03:21:10 jon Exp $
+# $Id: Page.pm,v 2.0.2.6 2004/03/28 20:34:35 mheins Exp $
 #
 # Copyright (C) 1996-2002 Red Hat, Inc. and
 # Interchange Development Group, http://www.icdevgroup.org/
@@ -46,7 +46,7 @@
 
 use vars qw/$VERSION/;
 
-$VERSION = substr(q$Revision: 2.0.2.5 $, 10);
+$VERSION = substr(q$Revision: 2.0.2.6 $, 10);
 
 my $wantref = 1;
 
@@ -54,13 +54,14 @@
 	my($name, $subject) = @_;
 	my($page);
 
-	$name =~ m/[\[<]+/g
+	$name =~ m/[\[<]|[\@_]_[A-Z]\w+_[\@_]|\@\@[A-Z]\w+\@\@/
 		and do {
 			::logGlobal(
 					"Security violation -- scripting character in page name '%s'.",
 					$name,
 				);
 			$name = 'violation';
+			1 while $subject =~ s/[\@_]_/_/g;
 		};
 
 	$subject = $subject || 'unspecified error';
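Review bot: The new `1 while $subject =~ s/[\@_]_/_/g;` line collapses only the `__` and `@_` marker forms, so the `@@NAME@@` form that the page-name regex now rejects can still pass through `$subject` intact, and the line runs only inside the violation branch, so a clean page name leaves `$subject` unsanitised altogether. Whether that matters depends on whether `$subject` is interpolated into the rendered error page rather than only logged, which is not visible in this hunk and should be confirmed against the code below it. One way to close both gaps is to hoist the statement out of the `do {}` block to just before the `'unspecified error'` default and widen it to `1 while $subject =~ s/[\@_]_|\@\@/_/g;`, so every marker form is degraded regardless of which argument tripped the check. The enclosing sub starts before the hunk (its `sub` line is not shown) and its body continues past it.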
@@ -83,7 +84,7 @@
 	my($name) = @_;
 	my($page);
 
-	$name =~ m/[\[<]+/g
+	$name =~ m/[\[<]|[\@_]_[A-Z]\w+_[\@_]|\@\@[A-Z]\w+\@\@/
 		and do {
 			::logGlobal(
 					"Security violation -- scripting character in page name '%s'.",
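Review bot: The scripting-marker pattern is now spelled out twice, here and in the first sub above, so a later tightening of one check (for example if Interchange accepts single-letter or lowercase variable names, which `[A-Z]\w+` does not cover) can silently miss the other. Hoisting it next to `my $wantref = 1;` as `my $Violation_re = qr/[\[<]|[\@_]_[A-Z]\w+_[\@_]|\@\@[A-Z]\w+\@\@/;` and matching with `$name =~ $Violation_re` in both places keeps the two checks in lockstep. The log text `scripting character in page name` now also fires for `__VAR__` and `@@VAR@@` markers, so wording such as `scripting character or variable marker in page name` would describe the event more accurately for whoever reads the global log. The enclosing sub starts before the hunk and continues past its last line.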







