diff options
author | mkanat%bugzilla.org <> | 2008-12-22 16:50:50 +0100 |
---|---|---|
committer | mkanat%bugzilla.org <> | 2008-12-22 16:50:50 +0100 |
commit | 570ca770d29d7800f79d6789c2b1142e383a348a (patch) | |
tree | 7a7e33417c8aef4c66d2e718efa87e75d1ace56e /Bugzilla.pm | |
parent | 70b735126db509eda6f7d2c8cab64e3293b8319f (diff) | |
download | bugzilla-570ca770d29d7800f79d6789c2b1142e383a348a.tar.gz bugzilla-570ca770d29d7800f79d6789c2b1142e383a348a.tar.xz |
Bug 470442: Only delete tainted environment variables if we're running in taint mode
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
Diffstat (limited to 'Bugzilla.pm')
-rw-r--r-- | Bugzilla.pm | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/Bugzilla.pm b/Bugzilla.pm index 354d05148..00740682c 100644 --- a/Bugzilla.pm +++ b/Bugzilla.pm @@ -83,11 +83,14 @@ use constant SHUTDOWNHTML_EXIT_SILENTLY => [ sub init_page { (binmode STDOUT, ':utf8') if Bugzilla->params->{'utf8'}; - # Some environment variables are not taint safe - delete @::ENV{'PATH', 'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; - # Some modules throw undefined errors (notably File::Spec::Win32) if - # PATH is undefined. - $ENV{'PATH'} = ''; + + if (${^TAINT}) { + # Some environment variables are not taint safe + delete @::ENV{'PATH', 'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; + # Some modules throw undefined errors (notably File::Spec::Win32) if + # PATH is undefined. + $ENV{'PATH'} = ''; + } # IIS prints out warnings to the webpage, so ignore them, or log them # to a file if the file exists. |