Menu
▾
▴
[TWiki-Dev] [SVN] r3299 - twiki/scratch/RegisterCgiScriptRewrite/lib/TWiki
|
From: <Mar...@nt...> - 2004-11-29 16:59:46
|
Author: MartinCleaver
Date: 2004-11-29 08:59:29 -0800 (Mon, 29 Nov 2004)
New Revision: 3299
Modified:
twiki/scratch/RegisterCgiScriptRewrite/lib/TWiki/Search.pm
Log:
RegisterCgiScriptRewrite: Searchbug fix implemented
Modified: twiki/scratch/RegisterCgiScriptRewrite/lib/TWiki/Search.pm
===================================================================
--- twiki/scratch/RegisterCgiScriptRewrite/lib/TWiki/Search.pm 2004-11-29 16:17:22 UTC (rev 3298)
+++ twiki/scratch/RegisterCgiScriptRewrite/lib/TWiki/Search.pm 2004-11-29 16:59:29 UTC (rev 3299)
@@ -434,6 +434,13 @@
my $tempVal = "";
my $tmpl = "";
my $topicCount = 0; # JohnTalintyre
+
+ # fix for Codev.SecurityAlertExecuteCommandsWithSearch
+ # vulnerability, search: "test_vulnerability '; ls -la'"
+ $theSearchVal =~ s/(^|[^\\])([\'\`])/\\$2/g; # Escape ' and `
+ $theSearchVal =~ s/[\@\$]\(/$1\\\(/g; # Defuse @( ... ) and $( ... )
+ $theSearchVal = substr($theSearchVal, 0, 1500); # Limit string length
+
my $originalSearch = $theSearchVal;
my $renameTopic;
my $renameWeb = "";
|