SA Bugzilla – Bug 8025
Taint failure handling Windows short path
Last modified: 2022-08-20 11:41:57 UTC
The fix for bug 8010 does not handle the '~' character in Windows short paths. This is showing up as the same test failures as in bug 8010 when a test encounters the short form of a directory name.
The problem of untainting Windows file paths was already properly solved in Mail::SpamAssassin::Utils::untaint_file_path() but it couldn't be called directly in this case. Fix was to copy/paste to use the same pattern as that sub uses. trunk % svn ci -m "bug 8025 - Use better untaint pattern for Windows file paths than the incomplete fix for bug 8010" lib/Mail/SpamAssassin.pm Sending lib/Mail/SpamAssassin.pm Transmitting file data .done Committing transaction... Committed revision 1903383.
trunk % svn ci -m "bug 8025 - Add a comment referencing this issue to the fix already committed" Sending lib/Mail/SpamAssassin.pm Transmitting file data .done Committing transaction... Committed revision 1903595.