[EMAIL PROTECTED] wrote:
Index: Changes
===================================================================
RCS file: /home/cvs/modperl-2.0/Changes,v
retrieving revision 1.505
retrieving revision 1.506
diff -u -u -r1.505 -r1.506
--- Changes 30 Sep 2004 03:39:24 -0000 1.505
+++ Changes 1 Oct 2004 03:30:11 -0000 1.506
@@ -12,6 +12,10 @@
=item 1.99_17-dev
+make sure that Apache::Filter::read, APR::Socket::recv,
+Apache::RequestIO::read, APR::Brigade::flatten, and APR::Bucket::read
+all return tainted data under -T [Stas]
Could someone please verify whether I've missed some other methods that populate a buffer of data and we don't test whether they return tainted data? Thanks a bunch!
This commit has fixed 3 of the methods which previously didn't set the data to tainted under -T.
-- __________________________________________________________________ Stas Bekman JAm_pH ------> Just Another mod_perl Hacker http://stason.org/ mod_perl Guide ---> http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
