Commit ccc12182 authored by Kevin P. Fleming

protect web form parameters against malicious input

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@6896 65c4cc65-6c06-0410-ace0-fbb531ad65f3
parent 06320f57
...@@ -545,14 +545,16 @@ _EOH ...@@ -545,14 +545,16 @@ _EOH
sub message_audio() sub message_audio()
{ {
my ($forcedownload) = @_; my ($forcedownload) = @_;
my $folder = param('folder'); my $folder = &untaint(param('folder'));
my $msgid = param('msgid'); my $msgid = &untaint(param('msgid'));
my $mailbox = param('mailbox'); my $mailbox = &untaint(param('mailbox'));
my $context = param('context'); my $context = &untaint(param('context'));
my $format = param('format'); my $format = param('format');
if (!$format) { if (!$format) {
$format = &getcookie('format'); $format = &getcookie('format');
} }
&untaint($format);
my $path = "/var/spool/asterisk/voicemail/$context/$mailbox/$folder/msg${msgid}.$format"; my $path = "/var/spool/asterisk/voicemail/$context/$mailbox/$folder/msg${msgid}.$format";
$msgid =~ /^\d\d\d\d$/ || die("Msgid Liar ($msgid)!"); $msgid =~ /^\d\d\d\d$/ || die("Msgid Liar ($msgid)!");
......
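Review bot: The new statement `&untaint($format);` throws away its result, while the four parameters above it assign the return value of untaint(), so unless untaint() rewrites its argument in place through `@_` (its definition is not in this hunk) `$format` reaches `$path` unsanitized. That value can come from the `format` cookie as well as the form, so it is just as client-controlled as the others; I would write `$format = &untaint($format);` to match the lines above. It would also help to confirm that untaint() rejects `/` and `..`, because all five values are interpolated into a path under /var/spool/asterisk/voicemail, and to move the existing `$msgid =~ /^\d\d\d\d$/` check above the `$path` assignment so validation is finished before the path is built. message_audio's body continues outside the hunk.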