From: Ivan Kohler <ivan@freeside.biz>
Date: Sat, 26 Jan 2013 21:18:10 +0000 (-0800)
Subject: untaint spam tag levels
X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=commitdiff_plain;h=c2746333f313511c6f7e19bdbef5622d1e4014e0

untaint spam tag levels
---

diff --git a/FS/FS/part_export/status_shellcommands.pm b/FS/FS/part_export/status_shellcommands.pm
index 53d2b3754..c5200ec50 100644
--- a/FS/FS/part_export/status_shellcommands.pm
+++ b/FS/FS/part_export/status_shellcommands.pm
@@ -43,6 +43,10 @@ sub _export_unsuspend {}
 sub export_setstatus {
   my($self, $svc_acct, $hashref) = @_;
 
+  for (qw( spam_tag2_level spam_kill_level )) {
+    $hashref->{$_} =~ /^\d+(\.\d+)?$/ or return "illegal $_";
+  }
+
   my @shellargs = (
     $svc_acct->svcnum,
     user          => $self->option('user') || 'root',