File: 0002-rm-untaint.patch

package info (click to toggle)
syncache 1.4-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 248 kB
  • sloc: ruby: 1,536; sh: 108; makefile: 2
file content (39 lines) | stat: -rw-r--r-- 1,124 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
 
Description: Remove untaint
Author: Bastian Germann <bage@debian.org>
Bug-Debian: https://bugs.debian.org/1106396
---
--- syncache-1.4.orig/bin/syncache-drb
+++ syncache-1.4/bin/syncache-drb
@@ -90,7 +90,7 @@ Options:
     @debug = false
     @pidfile = (0 == Process.uid) ?
       "/var/run/#{PNAME}/#{PNAME}.pid" :
-      File.join((ENV.has_key?('TMPDIR') ? ENV['TMPDIR'].dup.untaint : '/tmp'),
+      File.join((ENV.has_key?('TMPDIR') ? ENV['TMPDIR'].dup : '/tmp'),
                 "#{PNAME}.pid")
     @foreground = false
 
@@ -105,19 +105,19 @@ Options:
       when '--flush-delay'
         @flush_delay = arg.to_i
       when '--user'
-        @user = arg.dup.untaint
+        @user = arg.dup
       when '--error-log'
-        @error_log = arg.dup.untaint
+        @error_log = arg.dup
       when '--debug'
         @debug = true
       when '--pidfile'
-        @pidfile = arg.dup.untaint
+        @pidfile = arg.dup
       when '--foreground'
         @foreground = true
       end
     end
 
-    @uri = ARGV[0].dup.untaint if ARGV[0]
+    @uri = ARGV[0].dup if ARGV[0]
     @user = Etc.getpwnam(@user)
   end