You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@spamassassin.apache.org on 2022/06/15 22:21:52 UTC

[Bug 8010] New: taint problem in use of File::Find in Windows

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8010

            Bug ID: 8010
           Summary: taint problem in use of File::Find in Windows
           Product: Spamassassin
           Version: SVN Trunk (Latest Devel Version)
          Hardware: PC
                OS: Windows
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Libraries
          Assignee: dev@spamassassin.apache.org
          Reporter: sidney@sidney.com
  Target Milestone: Undefined

Some tests are failing when run in Windows with a taint error in
SpamAssassin.pm

File::Find::find() has an option for the regex pattern to use when it is given
the option to untaint paths while changing directories. The default untaint
pattern is incorrect for running under Windows, resulting in a taint error if a
correct pattern is not passed in.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 8010] taint problem in use of File::Find in Windows

Posted by bu...@spamassassin.apache.org.

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8010

Sidney Markowitz <si...@sidney.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED
   Target Milestone|Undefined                   |4.0.0
                 CC|                            |sidney@sidney.com

--- Comment #1 from Sidney Markowitz <si...@sidney.com> ---
trunk % svn ci -m "bug 8010 - Fix untaint pattern in File::Find in Windows" 
lib/Mail/SpamAssassin.pm
Sending        lib/Mail/SpamAssassin.pm
Transmitting file data .done
Committing transaction...
Committed revision 1901952.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 8010] taint problem in use of File::Find in Windows

Posted by bu...@spamassassin.apache.org.

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8010

--- Comment #3 from Sidney Markowitz <si...@sidney.com> ---
trunk % svn ci -m "bug 8010 - remove lines obsoleted by other untaint fixes"
t/config_tree_recurse.t
Sending        t/config_tree_recurse.t
Transmitting file data .done
Committing transaction...
Committed revision 1901955.

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 8010] taint problem in use of File::Find in Windows

Posted by bu...@spamassassin.apache.org.

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8010

--- Comment #2 from Sidney Markowitz <si...@sidney.com> ---
Adding a note that it was t/config_tree_recurse.t that was affected by this.

-- 
You are receiving this mail because:
You are the assignee for the bug.