diff options
author | ru <ru@FreeBSD.org> | 2003-10-20 17:02:32 +0000 |
---|---|---|
committer | ru <ru@FreeBSD.org> | 2003-10-20 17:02:32 +0000 |
commit | fb143cdb0dcbf7fa22b4e08dc303a8fe8eea3125 (patch) | |
tree | 22af41d0e6cf9d3af4d673f4f39bba2a39612d27 /misc/smssend | |
parent | 56ba065001f77309bb7ac754d916679096b8c1fa (diff) | |
download | FreeBSD-ports-fb143cdb0dcbf7fa22b4e08dc303a8fe8eea3125.zip FreeBSD-ports-fb143cdb0dcbf7fa22b4e08dc303a8fe8eea3125.tar.gz |
Close a big security hole in the email2smssend(1) Perl script.
Diffstat (limited to 'misc/smssend')
-rw-r--r-- | misc/smssend/Makefile | 1 | ||||
-rw-r--r-- | misc/smssend/files/patch-email2smssend | 39 |
2 files changed, 40 insertions, 0 deletions
diff --git a/misc/smssend/Makefile b/misc/smssend/Makefile index 032aa51..12e4b08 100644 --- a/misc/smssend/Makefile +++ b/misc/smssend/Makefile @@ -7,6 +7,7 @@ PORTNAME= smssend PORTVERSION= 2.9 +PORTREVISION= 1 CATEGORIES= misc MASTER_SITES= http://zekiller.skytech.org/fichiers/smssend/ diff --git a/misc/smssend/files/patch-email2smssend b/misc/smssend/files/patch-email2smssend new file mode 100644 index 0000000..f1e3ebd --- /dev/null +++ b/misc/smssend/files/patch-email2smssend @@ -0,0 +1,39 @@ +--- email2smssend Thu Jul 12 03:55:48 2001 ++++ email2smssend Mon Oct 20 19:57:53 2003 +@@ -31,7 +31,7 @@ + my ($message, @tmp_messages, @messages); + my ($limit_size, $limit_sms); + my ($show_index, $reverse, $diff, $opt); +-my ($total_nb, $cpt, $prepend, $before, $after, @before__after); ++my ($total_nb, $cpt, $prepend, @before, @after); + + # Display usage help. + sub Usage { +@@ -121,10 +121,13 @@ + } + + # Search if a parameter is "--" +-@before__after = split (/\s--\s/, join (" ", @ARGV) . " "); +-$before = $before__after[0]; +-$after = $before__after[1]; +-$after = " -- " . $after if ($after ne ""); ++while ($opt = shift (@ARGV)) { ++ if ($opt eq "--") { ++ @after = ($opt, @ARGV); ++ last; ++ }; ++ @before = (@before, $opt); ++} + + # Initialize cpt + $total_nb = scalar(@messages); +@@ -140,7 +143,7 @@ + $prepend = $cpt . "/$total_nb: " if ($show_index == 1); + $cpt += $diff; + # for debug, uncomment the "print" and comment the "system" +- # print $sms_bin . " " . $before . " \"" . $prepend . $_ . "\" " . $after . "\n"; +- system ($sms_bin . " " . $before . " \"" . $prepend . $_ . "\" " . $after); ++ # print $sms_bin, " ", @before, " ", $prepend . $_, " ", @after, "\n"; ++ system $sms_bin, @before, $prepend . $_, @after; + } + |