Re: deb vfs security issue (CAN-2004-0494)

Leonard den Ottolander wrote:
The attached file is a much nicer solution. I believe the original
escaping in mcdebfs_run is redundant as the involved parameters are
passed to mcdebfs_copyout where they will be escaped. Is my use of map
+	local($archivename) = map(s/([^\w\/.+-])/\\$1/g, @_);

I would rather write

        my ($archivename) = map { s/([^\w\/.+-])/\\$1/g } @_;

map(expr, list) yields the result of the s/// operator, whereas map(block, list) executes the block with $_ aliased to the list item.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]