From d6077d9a9acad1e2f3357aac7dd9bc0656722ced Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20K=C3=A1cha?= <ph@cesnet.cz>
Date: Thu, 16 Jan 2014 16:31:22 +0100
Subject: [PATCH] Script name variable now untainted to allow running within -T
 application constraints (#1314)

---
 src/contrib/warden-client-nosoap/lib/WardenClientReceive.pm | 2 +-
 src/warden-client/lib/WardenClientReceive.pm                | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/contrib/warden-client-nosoap/lib/WardenClientReceive.pm b/src/contrib/warden-client-nosoap/lib/WardenClientReceive.pm
index d8a6b9c..c429fa5 100755
--- a/src/contrib/warden-client-nosoap/lib/WardenClientReceive.pm
+++ b/src/contrib/warden-client-nosoap/lib/WardenClientReceive.pm
@@ -36,7 +36,7 @@ sub getNewEvents
     WardenClientConf::loadConf($conf_file);
 
     # set name of ID file for each client aplication 
-    my $caller_name = $FindBin::Script;
+    my ($caller_name) = ($FindBin::Script =~ /^(.*)$/);	# untaint
     my $id_file = $vardir . $caller_name . "-". ($requested_type || "any") . ".id";
 
     #-----------------------------------------------------------------------------
diff --git a/src/warden-client/lib/WardenClientReceive.pm b/src/warden-client/lib/WardenClientReceive.pm
index 14c012b..6718d13 100755
--- a/src/warden-client/lib/WardenClientReceive.pm
+++ b/src/warden-client/lib/WardenClientReceive.pm
@@ -39,7 +39,7 @@ sub getNewEvents
     WardenClientConf::loadConf($conf_file);
 
     # set name of ID file for each client aplication 
-    my $caller_name = $FindBin::Script;
+    my ($caller_name) = ($FindBin::Script =~ /^(.*)$/);	# untaint
     my $id_file = $vardir . $caller_name . "-". ($requested_type || "any") . ".id";
 
     #-----------------------------------------------------------------------------
-- 
GitLab