author | D German <dmg@uvic.ca> | 2017-03-26 15:32:58 -0700 |
---|---|---|
committer | D German <dmg@uvic.ca> | 2017-03-26 15:32:58 -0700 |
commit | 75fb67c36a1c4dcec6b9b2c4e7102a1000066c4f (patch) | |
tree | 6bcdcd46970510696ca6bdf3b9e7e709c71c3676 | |
parent | 5178cd486efc619c68aeedc7988c58940ccef645 (diff) | |
download | ninka-75fb67c36a1c4dcec6b9b2c4e7102a1000066c4f.tar.gz |
Avoid execution of files that include & in the filename
-rw-r--r-- | Changes | 7 | ||||
-rw-r--r-- | lib/Ninka.pm | 4 | ||||
-rw-r--r-- | lib/Ninka/CommentExtractor.pm | 4 |
3 files changed, 13 insertions, 2 deletions
@@ -1,3 +1,10 @@
+2017-03-26 Daniel M. German <dmg@uvic.ca>
+
+ * lib/Ninka/CommentExtractor.pm (execute_command):
+ Added check to make sure no spurious command is executed
+
+ * Changed version to 1.3.1
+
 2015-05-11 dmg <dmg@uvic.ca>
 
 * Released version 1.3
diff --git a/lib/Ninka.pm b/lib/Ninka.pm
index 8f454cd..292549a 100644
--- a/lib/Ninka.pm
+++ b/lib/Ninka.pm
@@ -9,7 +9,7 @@ use Ninka::SentenceExtractor;
 use Ninka::SentenceFilter;
 use Ninka::SentenceTokenizer;
 
-our $VERSION = '1.3';
+our $VERSION = '1.3.1';
 
 sub process_file {
 my ($input_file, $create_intermediary_files, $verbose) = @_;
@@ -86,7 +86,7 @@ Scans a source file and returns the found licenses.
 
 =head1 COPYRIGHT AND LICENSE
 
-Copyright (C) 2009-2014 Yuki Manabe and Daniel M. German
+Copyright (C) 2009-2014,2017 Yuki Manabe and Daniel M. German
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as
diff --git a/lib/Ninka/CommentExtractor.pm b/lib/Ninka/CommentExtractor.pm
index 8a2e66f..c01d91f 100644
--- a/lib/Ninka/CommentExtractor.pm
+++ b/lib/Ninka/CommentExtractor.pm
@@ -66,6 +66,10 @@ sub create_head_cmd {
 sub execute_command {
 my ($command) = @_;
 
+ if ($command =~ /&/) {
+ die "illegal file name in command to be executed [$command]";
+ }
+
 my ($child_in, $child_out, $child_err);
 $child_err = gensym();
 my $pid = open3($child_in, $child_out, $child_err, $command);
 |
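Review bot: The guard added at the top of `execute_command` rejects only `&`, while `$command` is still handed to `open3` (presumably IPC::Open3's) as one string, which is run through the shell whenever it contains shell metacharacters; a file name carrying any other shell-special character would still be interpreted rather than treated as data. How `$command` is assembled (for example in `create_head_cmd`) lies outside this hunk, so this is inferred from the single-string call, and the body of `execute_command` continues past the hunk's end. A sturdier fix is to take the shell out of the path by passing the program and each argument as separate list elements, e.g. `my (@command) = @_;` and `open3($child_in, $child_out, $child_err, @command);`, with callers building a list instead of an interpolated string. The pattern is also matched against the whole command rather than the file name alone, so the `illegal file name` message can fire for a `&` that appears elsewhere in the command.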