Ian Mitchell wrote:
Snippet from http://www.easynews.com/virus.html:
<snip>
@debug = `djpeg -debug $file 2>&1 > /dev/null`;

I've put together a combination of these two functions (which I'll post after I've refined it a bit), but I'm always worried about constructing a command line from untrusted input.


Does anyone know if the following code (from Tomasz' function) results in a shell-safe filename? The last thing we want is to give people an avenue to name files something like "gotcha; run-local-root-exploit /; .jpg"

>        my $bh = $entity->bodyhandle();
>        if (defined($bh)) {
>            my $path = $bh->path();
>            if (defined($path)) {

--
Kelson Vibber
SpeedGate Communications <www.speed.net>

_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
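
One way to take the shell out of the question raised above, as an added example (not part of the original message and not MIMEDefang's own code): pass the untrusted filename to the program as a single argv element through a fork and list-form `exec`. The helper names `capture_stderr_noshell` and `djpeg_debug` are hypothetical, and the demonstration at the end uses perl itself as a stand-in for djpeg so it runs without libjpeg installed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Run a program with untrusted arguments as separate argv elements, no shell.
# Returns the lines the program wrote to stderr (its stdout is discarded),
# matching the `2>&1 > /dev/null` redirection in the quoted backtick command.
sub capture_stderr_noshell {
    my (@cmd) = @_;

    # Implicit fork: the child's STDOUT is a pipe the parent reads via $out.
    my $pid = open(my $out, '-|');
    die "fork failed: $!" unless defined $pid;

    if ($pid == 0) {
        # Child: send stderr into the pipe, then throw stdout away.
        open(STDERR, '>&', \*STDOUT)    or exit 127;
        open(STDOUT, '>',  '/dev/null') or exit 127;
        # Indirect-object exec never hands the arguments to /bin/sh.
        exec { $cmd[0] } @cmd;
        exit 127;    # only reached if exec itself failed
    }

    my @lines = <$out>;
    close($out);     # reaps the child; its exit status is left in $?
    return @lines;
}

# Assumed wrapper for the djpeg call from the quoted snippet.
sub djpeg_debug {
    my ($file) = @_;
    # A name starting with "-" would be parsed as an option, not a file.
    $file = "./$file" if $file =~ /^-/;
    return capture_stderr_noshell('djpeg', '-debug', $file);
}

# Constructed demonstration: the stand-in program echoes the one argument
# it received, so the hostile name from the message can be seen arriving
# as a literal string rather than as shell syntax.
my $hostile = 'gotcha; run-local-root-exploit /; .jpg';
my @seen = capture_stderr_noshell(
    $^X, '-e', 'print STDERR "arg=[$ARGV[0]]\n"', $hostile);
print @seen;
```

With this form the safety of the call no longer depends on which characters the MIME parser allows in `$path`, only on the program treating its argument as a filename.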
