diff options
Diffstat (limited to 'mail/spamassassin/patches/patch-ar')
| -rw-r--r-- | mail/spamassassin/patches/patch-ar | 19 |
1 files changed, 0 insertions, 19 deletions
diff --git a/mail/spamassassin/patches/patch-ar b/mail/spamassassin/patches/patch-ar deleted file mode 100644 index 5573bb139bc..00000000000 --- a/mail/spamassassin/patches/patch-ar +++ /dev/null @@ -1,19 +0,0 @@ -$NetBSD: patch-ar,v 1.3 2005/11/22 10:35:00 rillig Exp $ - -See http://mail-index.netbsd.org/tech-pkg/2005/11/22/0003.html - ---- lib/Mail/SpamAssassin/Conf/Parser.pm.orig Fri Aug 12 02:38:46 2005 -+++ lib/Mail/SpamAssassin/Conf/Parser.pm Tue Nov 22 11:31:13 2005 -@@ -908,6 +908,12 @@ sub is_regexp_valid { - # will therefore open a hole! - if (eval { ("" =~ m#${re}#); 1; }) { - -+ # untaint $safere. We know it's safe since $re, which is derived from -+ # $safere, passed the above test for code injection. Just good that -+ # Perl prevents injection of (?{...}) and (??{...}) groups automatically, -+ # so we don't need to check for that. -+ if ($safere =~ m#^(.*)$#) { $safere = $1; } -+ - # now double-check -- try with the user-supplied delimiters as well - my $evalstr = '("" =~ '.$safere.'); 1;'; - if (eval $evalstr) { |