This one time, at band camp, Neil McGovern said:
> Please find attached a patch which should solve (at least partially)
> this problem.
> 
> * removes -r option from wget.
> * specifies an output file to ensure you don't end up with thousands of
>   files.
> * performs perl syntax check to ensure it's a valid perl file.
> 
> This doesn't fix the security hole, which is a bug all in itself.
+
+               # Check it's a valid perl file
+               system("perl","-c",$destfile,"&>/dev/null");
+               if ($? != 0) {
+                       print STDERR "File $destfile is invalid, restoring\n";
+                       rename $destfile.".bak",$destfile;
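Review bot: "&>/dev/null" on the `system("perl","-c",$destfile,"&>/dev/null")` line does not redirect anything: in list form system() runs no shell, so that string is handed to perl as one more argument and the "syntax OK" / error output of perl -c still reaches the terminal. Drop it and discard the output inside Perl (a pipe open or IPC::Open3 with a list keeps the no-shell property). More importantly, `perl -c` is not a safe validity check for a file that wget has just fetched: BEGIN blocks and `use` statements run at compile time, so the "check" executes attacker-supplied code before the restore branch is ever reached. Finally, the `rename $destfile.".bak",$destfile` restore is unchecked; test its return value (and that the .bak exists) and report failure, otherwise a bad file stays in place silently.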

<pedantry>

Two notes about your invocation of system:

It's considered better form to pass the arguments to system as an
array, and you don't want the output anyway, so:

use IPC::Open3;
my @args = ("perl","-c",$destfile);
# open3 with a list never starts a shell, so $destfile is not parsed for
# metacharacters; an undef error handle merges STDERR into $out.
my $pid = open3(my $in, my $out, undef, @args);
my $foo = do { local $/; <$out> };  # foo contains the output that is ignorable
waitpid($pid, 0);                   # sets $? for the exit-status check below

The return value of system is the exit status of the program as returned
by the "wait" call.  To get the actual exit value, shift right by eight.
In this case, there's no difference since you're only looking for 0,
but I always cringe when I see it used bare, as I have made that mistake
before, so:

if ($? >> 8 != 0) {

</pedantry>
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        [EMAIL PROTECTED] |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------
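The two points in the pedantry block, worked through as an added example in Perl (this is not code from the mail, the patch under discussion, or Debian; it assumes `perl` is on PATH, and the temp directory, the filename with shell metacharacters, the "downloaded" file and the marker file are all constructed for the demonstration). It also shows the caveat that matters for the patch: `perl -c` runs BEGIN blocks, so it is not a harmless syntax check on untrusted input.

```perl
#!/usr/bin/perl
# Added example, not from the original mail or the patch it reviews.
# Shows, with a constructed file:
#   1. list-form system() never runs a shell, so a filename containing
#      shell metacharacters is passed through literally;
#   2. $? packs the wait status: exit code in the high byte, signal
#      number in the low 7 bits, core-dump flag in bit 7;
#   3. "perl -c" executes BEGIN blocks (and hence "use" statements), so
#      it is not a safe validator for a file fetched from the network.
use strict;
use warnings;
use File::Temp qw(tempdir);

# Constructed sample: a temp dir and a filename with shell metacharacters.
my $dir  = tempdir(CLEANUP => 1);
my $file = "$dir/evil; echo INJECTED.pl";

# Constructed untrusted "download": syntactically valid Perl whose BEGIN
# block runs during -c; writing a marker file stands in for real damage.
open(my $fh, '>', $file) or die "open $file: $!";
print $fh <<"EOF";
BEGIN { open(my \$m, '>', '$dir/marker') or die; print \$m "ran\\n"; close \$m }
print "body never executed by -c\\n";
EOF
close $fh;

# Decode $? the way wait(2) packs it: ($? >> 8) is the exit code.
sub decode_status {
    my ($status) = @_;
    return (
        exit_code => $status >> 8,
        signal    => $status & 127,
        core      => ($status & 128) ? 1 : 0,
    );
}

# 1. List form: argv goes straight to execve, no /bin/sh involved, so the
#    odd filename is opened as-is. system() returns -1 only if exec failed.
my $rc = system('perl', '-c', $file);
die "could not run perl: $!" if $rc == -1;
my %st = decode_status($?);
printf "list form: exit=%d signal=%d core=%d\n", @st{qw(exit_code signal core)};

# 2. Same filename via the string form: the shell splits on ';', so
#    "echo INJECTED.pl" runs as a separate command after perl fails to
#    open the truncated path.
system("perl -c $file");

# 3. The -c "check" in step 1 already ran the BEGIN block.
print "marker present after -c: ", (-e "$dir/marker" ? "yes" : "no"), "\n";
```

Run it and compare the three outputs: the list form reports exit code 0 with "syntax OK" and no INJECTED line, the string form prints INJECTED.pl, and the marker file exists even though the script body was never run, which is the reason a syntax check cannot substitute for fixing the download itself.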
