diff options
author | Brian Carlson <brian.carlson@cpanel.net> | 2012-11-28 08:54:33 -0500 |
---|---|---|
committer | Ricardo Signes <rjbs@cpan.org> | 2012-12-04 14:06:33 -0500 |
commit | 1735f6f53ca19f99c6e9e39496c486af323ba6a8 (patch) | |
tree | 777885e6e83a6012db4e329fd60d1c10a5b72932 /dist/threads-shared/t | |
parent | 569ba91fcdabdc53eb4284f860a25273bd7fe4e1 (diff) | |
download | perl-1735f6f53ca19f99c6e9e39496c486af323ba6a8.tar.gz |
Fix misparsing of maketext strings.
Case 61251: This commit fixes a misparse of maketext strings that could
lead to arbitrary code execution. Basically, maketext was compiling
bracket notation into functions, but neglected to escape backslashes
inside the content or die on fully-qualified method names when
generating the code. This change escapes all such backslashes and dies
when a method name with a colon or apostrophe is specified.
Diffstat (limited to 'dist/threads-shared/t')
0 files changed, 0 insertions, 0 deletions