On Fri, Dec 22, 2006 at 06:42:41PM +0100, Stefan Fritsch wrote:
> A vulnerability has been reported in Netrik:
Thanks for the report. Security update for Sarge is building now.
Patch attached:
Steve
--
--- form-file.c 2003-08-06 10:28:45.0 +
+++ /home/skx/form-file.c 2006-12-22 22:19:12.0 +
@@ -10,6 +10,7 @@
* (C) 2003 antrik
*/
+#include
#include
#include
#include
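Review bot: the header name of the added `#include` at the top of this hunk is not visible in the quoted patch; since the second hunk introduces a call to `isalnum()`, confirm the new line is `#include <ctype.h>`, which is the header that declares it, otherwise the build relies on an implicit declaration.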
@@ -107,6 +108,14 @@
char temp_name[size];
snprintf(temp_name, size, format, name);
+ /* make sure we get a proper filename */
+ {
+char *chr;
+for(chr=temp_name; *chr; ++chr)
+ if(!isalnum(*chr))/* not safe filename char -> replace */
+ *chr='_';
+ }
+
/* write temporary file */
{
intfildes;
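Review bot: `isalnum(*chr)` is called with a plain `char`; on platforms where `char` is signed, a byte above 0x7F in `name` is passed as a negative value, which is undefined behaviour for the `<ctype.h>` classifiers. Cast the argument, e.g. `if(!isalnum((unsigned char)*chr))`. Also note that the loop runs over `temp_name` after `snprintf(temp_name, size, format, name)`, so it rewrites every character contributed by `format` as well as by `name`; if `format` carries a directory prefix or an extension, the separators and the dot become underscores too. If that is not intended, sanitise a copy of `name` before formatting, or restrict the loop to the part of `temp_name` that came from `name`.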