You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by mm...@apache.org on 2010/01/27 15:24:09 UTC
svn commit: r903657 -
/spamassassin/trunk/lib/Mail/SpamAssassin/BayesStore/DBM.pm
Author: mmartinec
Date: Wed Jan 27 14:24:09 2010
New Revision: 903657
URL: http://svn.apache.org/viewvc?rev=903657&view=rev
Log:
Bug 6310 - sa-learn --import gives Insecure dependency in open
Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/BayesStore/DBM.pm
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/BayesStore/DBM.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/BayesStore/DBM.pm?rev=903657&r1=903656&r2=903657&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/BayesStore/DBM.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/BayesStore/DBM.pm Wed Jan 27 14:24:09 2010
@@ -1438,6 +1438,9 @@
# bayes directory
my $main = $self->{bayes}->{main};
my $path = $main->sed_path($main->{conf}->{bayes_path});
+
+ # prevent dirname() from tainting the result, it assumes $1 is not tainted
+ local($1,$2,$3); # Bug 6310
my $dir = dirname($path);
# make temporary copy since old dbm and new dbm may have same name