ignore supplied filenames in MIME to avoid taint issues

author Don Armstrong <don@donarmstrong.com>

Fri, 11 Aug 2017 20:42:53 +0000 (13:42 -0700)

committer Don Armstrong <don@donarmstrong.com>

Fri, 11 Aug 2017 20:42:53 +0000 (13:42 -0700)
author Don Armstrong <don@donarmstrong.com>
Fri, 11 Aug 2017 20:42:53 +0000 (13:42 -0700)
committer Don Armstrong <don@donarmstrong.com>
Fri, 11 Aug 2017 20:42:53 +0000 (13:42 -0700)
diff --git a/Debbugs/CGI/Bugreport.pm b/Debbugs/CGI/Bugreport.pm

index 7883cd5760d38ef513322fd59d908a841c94e193..95201d23a20b2c122c5b46218179f0c4c4bd42ca 100644 (file)
--- a/Debbugs/CGI/Bugreport.pm
+++ b/Debbugs/CGI/Bugreport.pm
@@ -476,6 +476,7 @@ sub handle_record{
            # this will be cleaned up once it goes out of scope
            my $tempdir = File::Temp->newdir();
            $parser->output_under($tempdir->dirname());
            # this will be cleaned up once it goes out of scope
            my $tempdir = File::Temp->newdir();
            $parser->output_under($tempdir->dirname());
+         $parser->filer->ignore_filename(1);
           my $entity;
           if ($record->{inner_file}) {
               $entity = $parser->parse($record->{fh});
           my $entity;
           if ($record->{inner_file}) {
               $entity = $parser->parse($record->{fh});
author	Don Armstrong <don@donarmstrong.com>
	Fri, 11 Aug 2017 20:42:53 +0000 (13:42 -0700)
committer	Don Armstrong <don@donarmstrong.com>
	Fri, 11 Aug 2017 20:42:53 +0000 (13:42 -0700)