[LON-CAPA-cvs] cvs: loncom /interface domainprefs.pm
raeburn
raeburn at source.lon-capa.org
Sun Nov 12 14:46:30 EST 2017
raeburn Sun Nov 12 19:46:30 2017 EDT
Modified files:
/loncom/interface domainprefs.pm
Log:
- Untaint system() calls by forcing list processing mode.
- Use three-argument open() to separate file mode from the filename.
Index: loncom/interface/domainprefs.pm
diff -u loncom/interface/domainprefs.pm:1.315 loncom/interface/domainprefs.pm:1.316
--- loncom/interface/domainprefs.pm:1.315 Fri Oct 13 20:37:34 2017
+++ loncom/interface/domainprefs.pm Sun Nov 12 19:46:30 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Handler to set domain-wide configuration settings
#
-# $Id: domainprefs.pm,v 1.315 2017/10/13 20:37:34 raeburn Exp $
+# $Id: domainprefs.pm,v 1.316 2017/11/12 19:46:30 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -1656,7 +1656,8 @@
if ($fullwidth ne '' && $fullheight ne '') {
if ($fullwidth > $width && $fullheight > $height) {
my $size = $width.'x'.$height;
- system("convert -sample $size $input $output");
+ my @args = ('convert','-sample',$size,$input,$output);
+ system({$args[0]} @args);
$showfile = "/$imgdir/tn-".$filename;
}
}
@@ -9066,14 +9067,14 @@
} else {
my $source = $filepath.'/'.$file;
my $logfile;
- if (!open($logfile,">>$source".'.log')) {
+ if (!open($logfile,">>",$source.'.log')) {
return (&mt('No write permission to Authoring Space'));
}
print $logfile
"\n================= Publish ".localtime()." ================\n".
$env{'user.name'}.':'.$env{'user.domain'}."\n";
# Save the file
- if (!open(FH,'>'.$source)) {
+ if (!open(FH,">",$source)) {
&Apache::lonnet::logthis('Failed to create '.$source);
return (&mt('Failed to create file'));
}
@@ -9134,7 +9135,8 @@
if ($fullwidth ne '' && $fullheight ne '') {
if ($fullwidth > $thumbwidth && $fullheight > $thumbheight) {
my $thumbsize = $thumbwidth.'x'.$thumbheight;
- system("convert -sample $thumbsize $inputfile $outfile");
+ my @args = ('convert','-sample',$thumbsize,$inputfile,$outfile);
+ system({$args[0]} @args);
chmod(0660, $filepath.'/tn-'.$file);
if (-e $outfile) {
my $copyfile=$targetdir.'/tn-'.$file;
@@ -9214,7 +9216,7 @@
{
print $logfile "\nWrite metadata file for ".$targetdir.'/'.$file;
my $mfh;
- if (open($mfh,'>'.$targetdir.'/'.$file.'.meta')) {
+ if (open($mfh,">",$targetdir.'/'.$file.'.meta')) {
foreach (sort(keys(%metadatafields))) {
unless ($_=~/\./) {
my $unikey=$_;
@@ -9248,7 +9250,7 @@
next unless (ref($targetsource) eq 'ARRAY');
my ($target,$source)=@{$targetsource};
if ($source ne '') {
- if (open(my $logfh,'>>'.$source.'.log')) {
+ if (open(my $logfh,">>",$source.'.log')) {
print $logfh "\nCleanup phase: Notifications\n";
my @subscribed=&subscribed_hosts($target);
foreach my $subhost (@subscribed) {
@@ -9274,7 +9276,7 @@
sub subscribed_hosts {
my ($target) = @_;
my @subscribed;
- if (open(my $fh,"<$target.subscription")) {
+ if (open(my $fh,"<","$target.subscription")) {
while (my $subline=<$fh>) {
if ($subline =~ /^($match_lonid):/) {
my $host = $1;
More information about the LON-CAPA-cvs
mailing list