Sophie

Sophie

distrib > Fedora > 13 > i386 > media > updates-src > by-pkgid > 8ff15aaec6aa7c6a6bfade293a2cfbaa > files > 51

logwatch-7.3.6-55.fc13.src.rpm

diff -up logwatch-7.3.6/scripts/logwatch.pl.sanitize logwatch-7.3.6/scripts/logwatch.pl
--- logwatch-7.3.6/scripts/logwatch.pl.sanitize	2011-02-28 11:54:17.830088152 +0100
+++ logwatch-7.3.6/scripts/logwatch.pl	2011-02-28 11:58:03.437482878 +0100
@@ -855,6 +855,10 @@ foreach $LogFile (@LogFileList) {
    my $DestFile =  $TempDir . $LogFile . "-archive";
    my $Archive;
    foreach $Archive (@{$LogFileData{$LogFile}{'archives'}}) {
+      if ($Archive =~ /'/) {
+         print "File $Archive has invalid embedded quotes.  File ignored.\n";
+         next;
+      }
       my $CheckTime;
       # We need to find out what's the earliest log we need
       my @time_t = TimeBuild();
@@ -882,18 +886,18 @@ foreach $LogFile (@LogFileList) {
          #These system calls are not secure but we are getting closer
          #What needs to go is all the pipes and instead we need a command loop
          #For each filter to apply -mgt
-            my $arguments = "$Archive >> $DestFile";
+            my $arguments = "'${Archive}' >> $DestFile";
             system("$Config{'pathtozcat'} $arguments") == 0
                or die "system $Config{'pathtozcat'} failed: $?" 
          } elsif (($Archive =~ m/bz2$/) && (-f "$Archive")) {
          #These system calls are not secure but we are getting closer
          #What needs to go is all the pipes and instead we need a command loop
          #For each filter to apply -mgt
-            my $arguments = "$Archive 2>/dev/null >> $DestFile";
+            my $arguments = "'${Archive}' 2>/dev/null >> $DestFile";
             system("$Config{'pathtobzcat'} $arguments") == 0
                or die "system $Config{'pathtobzcat'} failed: $?" 
          } elsif (-f "$Archive") {
-            my $arguments = "$Archive  >> $DestFile";
+            my $arguments = "'${Archive}'  >> $DestFile";
             system("$Config{'pathtocat'} $arguments") == 0
                or die "system $Config{'pathtocat'} failed: $?" 
          } #End if/elsif existence
@@ -905,6 +909,10 @@ foreach $LogFile (@LogFileList) {
    foreach my $ThisFile (@FileList) {
       #Existence check for files -mgt
       next unless (-f $ThisFile);
+      if ($ThisFile =~ /'/) {
+         print "File $ThisFile has invalid embedded quotes.  File ignored.\n";
+         next;
+      }
       if (! -r $ThisFile) {
          print "File $ThisFile is not readable.  Check permissions.";
          if ($> != 0) {
@@ -913,7 +921,7 @@ foreach $LogFile (@LogFileList) {
          print "\n";
          next;
       }
-      $FileText .= ($ThisFile . " ");
+      $FileText .= ("'" . $ThisFile . "' ");
    } #End foreach ThisFile
 
    # remove the ENV entries set by previous service

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional