You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by mm...@apache.org on 2010/03/02 19:57:30 UTC

svn commit: r918151 - in /spamassassin/branches/3.3: lib/Mail/SpamAssassin.pm spamd/spamd.raw

Author: mmartinec
Date: Tue Mar  2 18:57:30 2010
New Revision: 918151

URL: http://svn.apache.org/viewvc?rev=918151&view=rev
Log:
Bug 6313: -Q or -q AND -x should not result in creation of a ~/.spamassasin dir;
plus: taint issues fixed

Modified:
    spamassassin/branches/3.3/lib/Mail/SpamAssassin.pm
    spamassassin/branches/3.3/spamd/spamd.raw

Modified: spamassassin/branches/3.3/lib/Mail/SpamAssassin.pm
URL: http://svn.apache.org/viewvc/spamassassin/branches/3.3/lib/Mail/SpamAssassin.pm?rev=918151&r1=918150&r2=918151&view=diff
==============================================================================
--- spamassassin/branches/3.3/lib/Mail/SpamAssassin.pm (original)
+++ spamassassin/branches/3.3/lib/Mail/SpamAssassin.pm Tue Mar  2 18:57:30 2010
@@ -75,6 +75,7 @@
 use Mail::SpamAssassin::Message;
 use Mail::SpamAssassin::PluginHandler;
 use Mail::SpamAssassin::DnsResolver;
+use Mail::SpamAssassin::Util qw(untaint_var);
 use Mail::SpamAssassin::Util::ScopedTimer;
 
 use Errno qw(ENOENT EACCES);
@@ -1935,7 +1936,7 @@
       close IN  or die "error closing $defprefs: $!";
 
       if (($< == 0) && ($> == 0) && defined($user)) { # chown it
-        my ($uid,$gid) = (getpwnam($user))[2,3];
+        my ($uid,$gid) = (getpwnam(untaint_var($user)))[2,3];
         unless (chown($uid, $gid, $fname)) {
           warn "config: couldn't chown $fname to $uid:$gid for $user: $!\n";
         }

Modified: spamassassin/branches/3.3/spamd/spamd.raw
URL: http://svn.apache.org/viewvc/spamassassin/branches/3.3/spamd/spamd.raw?rev=918151&r1=918150&r2=918151&view=diff
==============================================================================
--- spamassassin/branches/3.3/spamd/spamd.raw (original)
+++ spamassassin/branches/3.3/spamd/spamd.raw Tue Mar  2 18:57:30 2010
@@ -2291,8 +2291,14 @@
 
 sub handle_user_setuid_with_sql {
   my $username = shift;
+
+  # Bug 6313: interestingly, if $username is not tainted than $pwd, $gcos and
+  # $etc end up tainted but other fields not;  if $username _is_ tainted,
+  # getpwnam does not complain, but all returned fields are tainted (which
+  # makes sense, but is worth remembering)
+  #
   my ($name, $pwd, $uid, $gid, $quota, $comment, $gcos, $dir, $etc) =
-      getpwnam($username);
+      getpwnam(untaint_var($username));
 
   if (!$spamtest->{'paranoid'} && !defined($uid)) {
     # if we are given a username, but can't look it up, maybe name
@@ -2315,7 +2321,8 @@
   }
 
   my $spam_conf_dir = $dir . '/.spamassassin'; # needed for Bayes, etc.
-  if (! -d $spam_conf_dir) {
+  if ( ($opt{'user-config'} || defined $opt{'home_dir_for_helpers'})
+       && ! -d $spam_conf_dir ) {
     if (mkdir $spam_conf_dir, 0700) {
       info("spamd: created $spam_conf_dir for $username");
     }