https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6698
--- Comment #22 from Mark Martinec <[email protected]> 2011-11-15 00:57:10 UTC --- > I think you really need something like > my $home = $conf->{dcc_home} || '/var/dcc'; > and then using $home instead of $conf->{dcc_home} in line 516. Sure, if you want. I removed the "my $home=..." from your code as it was not used anywhere. > I don't understand how some of the changes to regular > expressions or replacing > if ($x) { > with > if (defined $x && $x ne '') { > qualifies as streamlining I was referring to 5 unrolled copies of: $pgmpath = ... return $pgmpath if (-x $pgmpath); being replaced by a foreach loop. > Never mind what I just wrote about $conf->{dcc_home} > and $conf->{dcc_libexec} possibly being undefined. > I now think they're always set to something in ck_dir(). I didn't check this. If we are not sure we can put back the test for defined() back. I only checked that $conf->{dcc_home} already is untainted by the config parsing code, so the call to untaint_file_path was redundant. > Please also forget my comment about !$x versus > defined $x && $x ne '' > I now realize that the intent was probably to > allow files and directories named '0'. Exactly! This is one of my pet peeves! Around me it is not uncommon that some throwaway/test program is kept on a file named "0". Surprisingly often this reveals a bug in some program. In the same vein we had a bug in SpamAssassin, where a "Subject: 0" was marked as a missing Subject header field! This is described under Bug 5965: - header field with a value of "0" (zero) invisible; - do not treat user data as perl booleans (a string "0" is a false); - continue work on avoiding user data to be tested as perl booleans, instead test for defined or for an empty string as appropriate; -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
