[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SF.net SVN: ledger-smb: [979] branches/1.2/LedgerSMB/Form.pm
- Subject: SF.net SVN: ledger-smb: [979] branches/1.2/LedgerSMB/Form.pm
- From: ..hidden..
- Date: Wed, 21 Mar 2007 21:53:47 -0700
Revision: 979
http://svn.sourceforge.net/ledger-smb/?rev=979&view=rev
Author: einhverfr
Date: 2007-03-21 21:53:46 -0700 (Wed, 21 Mar 2007)
Log Message:
-----------
Adding protection against ADS for Windows users in parse template routines
Modified Paths:
--------------
branches/1.2/LedgerSMB/Form.pm
Modified: branches/1.2/LedgerSMB/Form.pm
===================================================================
--- branches/1.2/LedgerSMB/Form.pm 2007-03-21 18:31:40 UTC (rev 978)
+++ branches/1.2/LedgerSMB/Form.pm 2007-03-22 04:53:46 UTC (rev 979)
@@ -591,6 +591,14 @@
my ($self, $myconfig) = @_;
$self->{cwd} = Cwd::getcwd();
+ for (qw(IN OUT)){
+ if ($self->{$_} =~ m#[:/\\]#){
+ $self->error("Access denied");
+ }
+ }
+ if ($self->{language_code} =~ m#[:/\\.*]#){
+ $self->error("Access Denied");
+ }
my ($chars_per_line, $lines_on_first_page, $lines_on_second_page) = (0, 0, 0);
my ($current_page, $current_line) = (1, 1);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.