diff options
author | justdave%syndicomm.com <> | 2002-01-20 09:44:34 +0000 |
---|---|---|
committer | justdave%syndicomm.com <> | 2002-01-20 09:44:34 +0000 |
commit | 4e6767d4c3d1b0b583f4ec076992345545294748 (patch) | |
tree | 44d10a299f4d910400fb420b38e21e769c00be7e /showdependencygraph.cgi | |
parent | Remove files no longer needed after the latest changes to the docs (diff) | |
download | bugzilla-4e6767d4c3d1b0b583f4ec076992345545294748.tar.gz bugzilla-4e6767d4c3d1b0b583f4ec076992345545294748.tar.bz2 bugzilla-4e6767d4c3d1b0b583f4ec076992345545294748.zip |
Fix for bug 108982: enable taint mode for all user-facing CGI files.
Patch by Brad Baetz <bbaetz@student.usyd.edu.au>
r= jake, justdave
Diffstat (limited to 'showdependencygraph.cgi')
-rwxr-xr-x | showdependencygraph.cgi | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/showdependencygraph.cgi b/showdependencygraph.cgi index a10afb896..4bb90d497 100755 --- a/showdependencygraph.cgi +++ b/showdependencygraph.cgi @@ -1,4 +1,4 @@ -#!/usr/bonsaitools/bin/perl -w +#!/usr/bonsaitools/bin/perl -wT # -*- Mode: perl; indent-tabs-mode: nil -*- # # The contents of this file are subject to the Mozilla Public @@ -23,6 +23,8 @@ use diagnostics; use strict; +use lib qw(.); + require "CGI.pl"; ConnectToDatabase(); @@ -168,6 +170,10 @@ node [URL="${urlbase}show_bug.cgi?id=\\N", style=filled, color=lightgrey] # Cleanup any old .dot files created from previous runs. my $since = time() - 24 * 60 * 60; foreach my $f (glob("data/webdot/*.dot")) { + # Here we are deleting all old files. All entries are from the + # data/webdot/ directory. Since we're deleting the file (not following + # symlinks), this can't escape to delete anything it shouldn't + trick_taint($f); if (ModTime($f) < $since) { unlink $f; } |