author | kpfleming <kpfleming@f38db490-d61c-443f-a65b-d21fe96a405b> | 2005-10-30 16:30:35 +0000 |
committer | kpfleming <kpfleming@f38db490-d61c-443f-a65b-d21fe96a405b> | 2005-10-30 16:30:35 +0000 |
commit | 01ae466b0141688c1cf9e8e52f554751ba671081 (patch) | |
tree | 80bf210bad329f7924e25390480e8a09255c8db4 /contrib | |
parent | 2f31af92de34047acd397353b3778d9a181c22b5 (diff) |
protect web form parameters against malicious input
git-svn-id: http://svn.digium.com/svn/asterisk/trunk@6896 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'contrib')
-rwxr-xr-x | contrib/scripts/vmail.cgi | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/contrib/scripts/vmail.cgi b/contrib/scripts/vmail.cgi
index 5a428970d..4ac1c8579 100755
--- a/contrib/scripts/vmail.cgi
+++ b/contrib/scripts/vmail.cgi
@@ -545,14 +545,16 @@ _EOH
 sub message_audio() {
 my ($forcedownload) = @_;
- my $folder = param('folder');
- my $msgid = param('msgid');
- my $mailbox = param('mailbox');
- my $context = param('context');
+ my $folder = &untaint(param('folder'));
+ my $msgid = &untaint(param('msgid'));
+ my $mailbox = &untaint(param('mailbox'));
+ my $context = &untaint(param('context'));
 my $format = param('format');
 if (!$format) {
 $format = &getcookie('format');
 }
+ &untaint($format);
+
 my $path = "/var/spool/asterisk/voicemail/$context/$mailbox/$folder/msg${msgid}.$format";
 $msgid =~ /^\d\d\d\d$/ || die("Msgid Liar ($msgid)!"); |
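Review bot: The new line `&untaint($format);` discards the return value, while the four lines above rely on what `&untaint(...)` returns, so unless untaint also rewrites its argument in place (its body is not in the hunk), `$format` reaches the `$path` interpolation on the next line unchanged, and it comes from either the `format` form parameter or a cookie, both attacker-controlled. For consistency with the surrounding assignments this should read `$format = &untaint($format);`. Since `$format` is the last path component, an explicit anchored allowlist before `$path` is built would also match the `Msgid Liar` style used below, e.g. `$format =~ /^\w+$/ || die("Format Liar ($format)!");`. Note that `$msgid` is only validated after `$path` has already been assembled; it is harmless as long as nothing uses `$path` before the die, but validating every component before constructing the path would make that ordering obvious. message_audio's body continues past the end of the hunk, so any later use of `$path` or `$format` is not visible here.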