From c95ebfccc9bce5d8e48d5339d31b25d88a183fde Mon Sep 17 00:00:00 2001
From: ivan
Date: Sat, 23 Sep 2000 18:08:45 +0000
Subject: fix for DoS vulnerability noted by Kevin S. Ho

---
 shift.cgi | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'shift.cgi')

diff --git a/shift.cgi b/shift.cgi
index b99b039..daf63ee 100755
--- a/shift.cgi
+++ b/shift.cgi
@@ -2,7 +2,7 @@
 #!/usr/bin/perl -Tw
 # (Text::Template can't do -T, but no user input is used dangerously)
 #
-# $Id: shift.cgi,v 1.2 2000-07-18 05:43:27 ivan Exp $
+# $Id: shift.cgi,v 1.3 2000-09-23 18:08:45 ivan Exp $
 #
 # Copyright (C) 2000 Adam Gould
 # Copyright (C) 2000 Michal Migurski
@@ -103,13 +103,14 @@ if ( $cgi->param() ) {
   foreach my $field ( @diff_fields ) {
     $shifthash{$field}='' unless defined $shifthash{$field};
     if ( $shifthash{$field} eq $cgi->param($field. '_old') ) {
-      if ( $cgi->param($field. "_new") =~
-             /\b(\w[\w\-\.\+]*\@(([\w\.\-]+\.)+\w+))\b/
-           || $cgi->param($field. "_new") =~ /^\s*$/
+      if ( $cgi->param($field. "_new") =~
+             /^\s*(\w[\w\s\.\'\-]{0,99}?)\s*$/
+           || $cgi->param($field. "_new") =~ /^\s*()$/
          ) {
+        my $new = $1;
         open(FILE,">$data_directory/.new.$field")
           or die "Can't open file $data_directory/$field: $!";
-        print FILE $cgi->param($field. "_new");
+        print FILE $new;
         close FILE;
         rename "$data_directory/.new.$field", "$data_directory/$field";
         $warning{$field} = '';
-- 
cgit v1.2.1
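Review bot: The capture read into `my $new = $1;` in the second hunk depends on the `||` short-circuit: when the bounded pattern fails, `$1` is only defined because the fallback `/^\s*()$/` carries an empty capture group, which is easy to break on a later edit and deserves a comment such as `# empty () keeps $1 defined ('') for the blank case; $1 is the untainted value written below`. The class `[\w\s\.\'\-]` also admits embedded newlines and carriage returns via `\s`, so a value like `a\r\nb` passes the length check and is written verbatim to `$data_directory/$field`; if that file is later read one line at a time the first line silently changes meaning, so consider replacing `\s` in the class with a literal space, `/^\s*(\w[\w \.\'\-]{0,99}?)\s*$/`. Calling `$cgi->param($field . "_new")` twice re-fetches the value and warns under `-w` when the field is absent; fetching it once into a lexical before the `if`, defaulted to `''` the way `$shifthash{$field}` is two lines above, would let both matches operate on the same defined string. The enclosing `foreach` and `if` blocks continue past the end of the hunk.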