diff options
| -rwxr-xr-x | borg-restore.pl | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/borg-restore.pl b/borg-restore.pl index b16a0d2..04385c2 100755 --- a/borg-restore.pl +++ b/borg-restore.pl @@ -598,7 +598,7 @@ sub _open_db { my $self = shift; my $dbfile = shift; - $self->{dbh} = DBI->connect("dbi:SQLite:dbname=$dbfile","","", {RaiseError => 1}); + $self->{dbh} = DBI->connect("dbi:SQLite:dbname=$dbfile","","", {RaiseError => 1, Taint => 1}); $self->{dbh}->do("PRAGMA cache_size=-1024000"); $self->{dbh}->do("PRAGMA strict=ON"); } @@ -708,7 +708,7 @@ sub get_archives_for_path { my $path = shift; my $st = $self->{dbh}->prepare('select * from `files` where `path` = ?;'); - $st->execute($path); + $st->execute(untaint($path, qr(.*))); my @ret; |