protect web form parameters against malicious input
authorKevin P. Fleming <kpfleming@digium.com>
Sun, 30 Oct 2005 16:30:35 +0000 (16:30 +0000)
committerKevin P. Fleming <kpfleming@digium.com>
Sun, 30 Oct 2005 16:30:35 +0000 (16:30 +0000)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@6896 65c4cc65-6c06-0410-ace0-fbb531ad65f3

contrib/scripts/vmail.cgi

index 5a42897..4ac1c85 100755 (executable)
@@ -545,14 +545,16 @@ _EOH
 sub message_audio()
 {
        my ($forcedownload) = @_;
-       my $folder = param('folder');
-       my $msgid = param('msgid');
-       my $mailbox = param('mailbox');
-       my $context = param('context');
+       my $folder = &untaint(param('folder'));
+       my $msgid = &untaint(param('msgid'));
+       my $mailbox = &untaint(param('mailbox'));
+       my $context = &untaint(param('context'));
        my $format = param('format');
        if (!$format) {
                $format = &getcookie('format');
        }
+       &untaint($format);
+
        my $path = "/var/spool/asterisk/voicemail/$context/$mailbox/$folder/msg${msgid}.$format";
 
        $msgid =~ /^\d\d\d\d$/ || die("Msgid Liar ($msgid)!");
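Review bot: The added call `&untaint($format);` just before `$path` is built discards its return value, whereas `$folder`, `$msgid`, `$mailbox` and `$context` are each assigned from untaint's result. The definition of untaint is outside this hunk, so if it returns a cleaned copy rather than dying or modifying its argument in place, `$format` (taken from the request parameter or the cookie) still reaches the `$path` interpolation unchecked. Writing `$format = &untaint($format);` would make the fifth value follow the same pattern as the other four and would not depend on how untaint is implemented. Since all five values become components of a filesystem path, it is also worth confirming that untaint rejects path separators and `..` rather than only shell metacharacters. The body of message_audio continues past the end of the hunk, so how `$path` is later opened is not visible here.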