blob: f4ca2afc13f1f777f96a96943d5c58f200f0fab0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
From a6da9c67acaee699616516be141d600cc178a633 Mon Sep 17 00:00:00 2001
From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
Date: Sun, 28 Mar 2021 10:59:46 +0200
Subject: [PATCH 06/23] rda
---
src/rda.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/src/rda.c b/src/rda.c
index aed8abc24..6ad7dd8bd 100644
--- a/src/rda.c
+++ b/src/rda.c
@@ -179,10 +179,8 @@ struct stat statbuf;
/* Reading a file is a form of expansion; we wish to deny attackers the
capability to specify the file name. */
-if (is_tainted(filename))
+if (*error = is_tainted2(filename, 0, "Tainted name '%s' for file read not permitted\n", filename))
{
- *error = string_sprintf("Tainted name '%s' for file read not permitted\n",
- filename);
*yield = FF_ERROR;
return NULL;
}
--
2.30.2
|