From: <Mar...@nt...> - 2004-11-29 16:59:46
|
Author: MartinCleaver Date: 2004-11-29 08:59:29 -0800 (Mon, 29 Nov 2004) New Revision: 3299 Modified: twiki/scratch/RegisterCgiScriptRewrite/lib/TWiki/Search.pm Log: RegisterCgiScriptRewrite: Searchbug fix implemented Modified: twiki/scratch/RegisterCgiScriptRewrite/lib/TWiki/Search.pm =================================================================== --- twiki/scratch/RegisterCgiScriptRewrite/lib/TWiki/Search.pm 2004-11-29 16:17:22 UTC (rev 3298) +++ twiki/scratch/RegisterCgiScriptRewrite/lib/TWiki/Search.pm 2004-11-29 16:59:29 UTC (rev 3299) @@ -434,6 +434,13 @@ my $tempVal = ""; my $tmpl = ""; my $topicCount = 0; # JohnTalintyre + + # fix for Codev.SecurityAlertExecuteCommandsWithSearch + # vulnerability, search: "test_vulnerability '; ls -la'" + $theSearchVal =~ s/(^|[^\\])([\'\`])/\\$2/g; # Escape ' and ` + $theSearchVal =~ s/[\@\$]\(/$1\\\(/g; # Defuse @( ... ) and $( ... ) + $theSearchVal = substr($theSearchVal, 0, 1500); # Limit string length + my $originalSearch = $theSearchVal; my $renameTopic; my $renameWeb = ""; |