diff options
| author | Florian Pritz <bluewind@xinu.at> | 2017-01-22 17:02:00 +0100 |
|---|---|---|
| committer | Florian Pritz <bluewind@xinu.at> | 2017-01-22 17:02:00 +0100 |
| commit | ec60a064cdd8a2eec93f0d1312209f42aca88e38 (patch) | |
| tree | 268724626b58c232aaa69b45e0a046054cd6bcb7 | |
| parent | d96f1f181d99da6cdab18bf22fe2ed70d73b81d3 (diff) | |
| download | bin-ec60a064cdd8a2eec93f0d1312209f42aca88e38.tar.gz bin-ec60a064cdd8a2eec93f0d1312209f42aca88e38.tar.xz | |
borg-restore.pl: Use taint mode with DBI
Signed-off-by: Florian Pritz <bluewind@xinu.at>
| -rwxr-xr-x | borg-restore.pl | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/borg-restore.pl b/borg-restore.pl index b16a0d2..04385c2 100755 --- a/borg-restore.pl +++ b/borg-restore.pl @@ -598,7 +598,7 @@ sub _open_db { my $self = shift; my $dbfile = shift; - $self->{dbh} = DBI->connect("dbi:SQLite:dbname=$dbfile","","", {RaiseError => 1}); + $self->{dbh} = DBI->connect("dbi:SQLite:dbname=$dbfile","","", {RaiseError => 1, Taint => 1}); $self->{dbh}->do("PRAGMA cache_size=-1024000"); $self->{dbh}->do("PRAGMA strict=ON"); } @@ -708,7 +708,7 @@ sub get_archives_for_path { my $path = shift; my $st = $self->{dbh}->prepare('select * from `files` where `path` = ?;'); - $st->execute($path); + $st->execute(untaint($path, qr(.*))); my @ret; |