On Thu, 2011-05-05 at 10:33 -0400, Etan Reisner wrote: > Be very careful what chat rooms you join with that loaded. Without > sufficient sanitization (which you don't appear to even be attempting) > that's a gaping security hole for malicious chat room names.
Instead of this:
my $cmd = "/usr/bin/espeak \"$convtitle\"";
#Purple::Debug::info($logname, "$cmd\n");
eval {
system($cmd);
}
You probably want something like this (untested):
my @args = ("/usr/bin/espeak", $convtitle);
if (system(@args) != 0) {
Purple::Debug::error($logname, "espeak command failed");
}
Richard
signature.asc
Description: This is a digitally signed message part
_______________________________________________ [email protected] mailing list Want to unsubscribe? Use this link: http://pidgin.im/cgi-bin/mailman/listinfo/support
