From f198157e92709961122f8689b64eb13e036dcfc0 Mon Sep 17 00:00:00 2001
From: Markus Ullmann <mail@markus-ullmann.de>
Date: Wed, 20 Mar 2013 01:16:09 +0100
Subject: [PATCH] Sanitize spamd_sock path for perl taint mode

---
 plugins/spamassassin | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/plugins/spamassassin b/plugins/spamassassin
index 082f44d..be5c2ef 100644
--- a/plugins/spamassassin
+++ b/plugins/spamassassin
@@ -314,6 +314,10 @@ sub connect_to_spamd_socket {
         return;
     };
 
+    # Sanitize for use with taint mode
+    $socket =~ /^([\w\/.-]+)$/;
+    $socket = $1;
+
     socket(my $SPAMD, PF_UNIX, SOCK_STREAM, 0) or do {
         $self->log(LOGERROR, "Could not open socket: $!");
         return;