Posted to commits@spamassassin.apache.org by mm...@apache.org on 2010/03/02 19:57:30 UTC
svn commit: r918151 - in /spamassassin/branches/3.3:
lib/Mail/SpamAssassin.pm spamd/spamd.raw
Author: mmartinec
Date: Tue Mar 2 18:57:30 2010
New Revision: 918151
URL: http://svn.apache.org/viewvc?rev=918151&view=rev
Log:
Bug 6313: -Q or -q AND -x should not result in creation of a ~/.spamassassin dir;
plus: taint issues fixed
Modified:
spamassassin/branches/3.3/lib/Mail/SpamAssassin.pm
spamassassin/branches/3.3/spamd/spamd.raw
Modified: spamassassin/branches/3.3/lib/Mail/SpamAssassin.pm
URL: http://svn.apache.org/viewvc/spamassassin/branches/3.3/lib/Mail/SpamAssassin.pm?rev=918151&r1=918150&r2=918151&view=diff
==============================================================================
--- spamassassin/branches/3.3/lib/Mail/SpamAssassin.pm (original)
+++ spamassassin/branches/3.3/lib/Mail/SpamAssassin.pm Tue Mar 2 18:57:30 2010
@@ -75,6 +75,7 @@
use Mail::SpamAssassin::Message;
use Mail::SpamAssassin::PluginHandler;
use Mail::SpamAssassin::DnsResolver;
+use Mail::SpamAssassin::Util qw(untaint_var);
use Mail::SpamAssassin::Util::ScopedTimer;
use Errno qw(ENOENT EACCES);
@@ -1935,7 +1936,7 @@
close IN or die "error closing $defprefs: $!";
if (($< == 0) && ($> == 0) && defined($user)) { # chown it
- my ($uid,$gid) = (getpwnam($user))[2,3];
+ my ($uid,$gid) = (getpwnam(untaint_var($user)))[2,3];
unless (chown($uid, $gid, $fname)) {
warn "config: couldn't chown $fname to $uid:$gid for $user: $!\n";
}
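Review bot: The lookup on the new L31 can still fail (unknown user), in which case the list slice leaves $uid and $gid undefined and the chown on the next line is attempted anyway; Perl numifies undef to 0, and since this branch only runs as root, the file would end up owned by root:root instead of the chown being skipped. A one-line change covers it while keeping the existing warning: `unless (defined $uid && chown($uid, $gid, $fname)) {` (the message then reports the undef uid, which is fine as a diagnostic). Separately, untaint_var() here exists only so the returned uid/gid pass chown's taint check under -T; wherever $user originates (not visible in this hunk), validating it against an anchored pattern such as `/^[\w.\@-]+\z/` before untainting keeps the taint discipline instead of unconditionally blessing the value. The enclosing sub starts before this hunk.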
Modified: spamassassin/branches/3.3/spamd/spamd.raw
URL: http://svn.apache.org/viewvc/spamassassin/branches/3.3/spamd/spamd.raw?rev=918151&r1=918150&r2=918151&view=diff
==============================================================================
--- spamassassin/branches/3.3/spamd/spamd.raw (original)
+++ spamassassin/branches/3.3/spamd/spamd.raw Tue Mar 2 18:57:30 2010
@@ -2291,8 +2291,14 @@
sub handle_user_setuid_with_sql {
my $username = shift;
+
+ # Bug 6313: interestingly, if $username is not tainted than $pwd, $gcos and
+ # $etc end up tainted but other fields not; if $username _is_ tainted,
+ # getpwnam does not complain, but all returned fields are tainted (which
+ # makes sense, but is worth remembering)
+ #
my ($name, $pwd, $uid, $gid, $quota, $comment, $gcos, $dir, $etc) =
- getpwnam($username);
+ getpwnam(untaint_var($username));
if (!$spamtest->{'paranoid'} && !defined($uid)) {
# if we are given a username, but can't look it up, maybe name
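Review bot: untaint_var() on L51 clears the taint flag from $username unconditionally, so every field getpwnam returns (notably $dir, which is later used to build and create a filesystem path) is trusted without any check on the name itself; if this name comes from the spamd client, that is exactly the input -T was meant to guard. Validate the shape before untainting rather than blessing whatever arrived, e.g. `my $safe_user = (defined $username && $username =~ /^([\w.\@-]+)\z/) ? $1 : '';` followed by `getpwnam($safe_user);` — an empty name yields an undefined $uid and falls into the existing "can't look it up" branch on L52-L53. The character class should match whatever spamd already accepts for user names elsewhere, which I cannot see from here. handle_user_setuid_with_sql continues past the end of this hunk. Minor: the new comment on L44 reads "not tainted than" where "then" is meant.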
@@ -2315,7 +2321,8 @@
}
my $spam_conf_dir = $dir . '/.spamassassin'; # needed for Bayes, etc.
- if (! -d $spam_conf_dir) {
+ if ( ($opt{'user-config'} || defined $opt{'home_dir_for_helpers'})
+ && ! -d $spam_conf_dir ) {
if (mkdir $spam_conf_dir, 0700) {
info("spamd: created $spam_conf_dir for $username");
}
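Review bot: The new gate on L58-L59 has no comment saying why these two options decide whether the directory is created, so a reader has to dig up Bug 6313 to understand it; add above the if: `# Bug 6313: only create ~/.spamassassin when something will use it (per-user config enabled, or a helper home dir set); with -x plus -q/-Q nothing reads it`. The two tests also differ in kind — truthiness for 'user-config' but definedness for 'home_dir_for_helpers' — so an explicitly empty helper home dir would still trigger creation; if an empty value is not meaningful, `$opt{'user-config'} || $opt{'home_dir_for_helpers'}` is the consistent form, otherwise a word on why `defined` is needed belongs in that comment. Note that `-d` follows symlinks and mkdir runs with whatever privileges the process holds at this point; if the switch to $uid happens later in this sub (its body continues outside the hunk), the 0700 directory is created as the current euid and may be unusable after the switch.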