Sanitize spamd_sock path for perl taint mode

This commit is contained in:
Markus Ullmann 2013-03-20 01:16:09 +01:00
parent a0212347bf
commit f198157e92

View File

@ -314,6 +314,10 @@ sub connect_to_spamd_socket {
return; return;
}; };
# Sanitize for use with taint mode
$socket =~ /^([\w\/.-]+)$/;
$socket = $1;
socket(my $SPAMD, PF_UNIX, SOCK_STREAM, 0) or do { socket(my $SPAMD, PF_UNIX, SOCK_STREAM, 0) or do {
$self->log(LOGERROR, "Could not open socket: $!"); $self->log(LOGERROR, "Could not open socket: $!");
return; return;