diff -up logwatch-7.3.6/scripts/logwatch.pl.sanitize logwatch-7.3.6/scripts/logwatch.pl --- logwatch-7.3.6/scripts/logwatch.pl.sanitize 2011-02-28 11:54:17.830088152 +0100 +++ logwatch-7.3.6/scripts/logwatch.pl 2011-02-28 11:58:03.437482878 +0100 @@ -855,6 +855,10 @@ foreach $LogFile (@LogFileList) { my $DestFile = $TempDir . $LogFile . "-archive"; my $Archive; foreach $Archive (@{$LogFileData{$LogFile}{'archives'}}) { + if ($Archive =~ /'/) { + print "File $Archive has invalid embedded quotes. File ignored.\n"; + next; + } my $CheckTime; # We need to find out what's the earliest log we need my @time_t = TimeBuild(); @@ -882,18 +886,18 @@ foreach $LogFile (@LogFileList) { #These system calls are not secure but we are getting closer #What needs to go is all the pipes and instead we need a command loop #For each filter to apply -mgt - my $arguments = "$Archive >> $DestFile"; + my $arguments = "'${Archive}' >> $DestFile"; system("$Config{'pathtozcat'} $arguments") == 0 or die "system $Config{'pathtozcat'} failed: $?" } elsif (($Archive =~ m/bz2$/) && (-f "$Archive")) { #These system calls are not secure but we are getting closer #What needs to go is all the pipes and instead we need a command loop #For each filter to apply -mgt - my $arguments = "$Archive 2>/dev/null >> $DestFile"; + my $arguments = "'${Archive}' 2>/dev/null >> $DestFile"; system("$Config{'pathtobzcat'} $arguments") == 0 or die "system $Config{'pathtobzcat'} failed: $?" } elsif (-f "$Archive") { - my $arguments = "$Archive >> $DestFile"; + my $arguments = "'${Archive}' >> $DestFile"; system("$Config{'pathtocat'} $arguments") == 0 or die "system $Config{'pathtocat'} failed: $?" } #End if/elsif existence @@ -905,6 +909,10 @@ foreach $LogFile (@LogFileList) { foreach my $ThisFile (@FileList) { #Existence check for files -mgt next unless (-f $ThisFile); + if ($ThisFile =~ /'/) { + print "File $ThisFile has invalid embedded quotes. File ignored.\n"; + next; + } if (! -r $ThisFile) { print "File $ThisFile is not readable. Check permissions."; if ($> != 0) { @@ -913,7 +921,7 @@ foreach $LogFile (@LogFileList) { print "\n"; next; } - $FileText .= ($ThisFile . " "); + $FileText .= ("'" . $ThisFile . "' "); } #End foreach ThisFile # remove the ENV entries set by previous service