From patchwork Sun Aug 8 17:21:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicolas George X-Patchwork-Id: 29351 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a6b:6c0f:0:0:0:0:0 with SMTP id a15csp2202883ioh; Sun, 8 Aug 2021 10:22:08 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxpvQRSPtArqBmeUcwe/9fLPpXb7jrx+yvfOCe3fMn70bX8hidh/yD162sfMp0FhPnmapWw X-Received: by 2002:a05:6402:3094:: with SMTP id de20mr25340087edb.272.1628443328385; Sun, 08 Aug 2021 10:22:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1628443328; cv=none; d=google.com; s=arc-20160816; b=cfhEEgEhH6X7HjP5vjPGj0REygR3s2gHvSyJSO0VoU0eE2WNDAVFvWW+pzOtFUjejR 1tJNDfqrH1n2ztFx2b1BPa8X5XLddRMh1981GjgmQevF/cn1KdzPnh9iTeImbBnDrgMb SENLYg2ypywc9Wxa7hWDV8ePRy46eHor6QY68qcgcZB8bOl+YvVLUXjdYDrvH1l6WwSV 0M56Px0iUgDYFjIi1W82359Tne6RqpZYU6luosPwuePQnx2hBAFLZtXRJD4I2wM/veRM TuhU9w7xmDJE2hlALYDwXId7XLE+GlHGtyQQ4uwUOAOHkUJ7bRbe2YoW7iHhkpR2DUKz 8ymg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject :content-disposition:mime-version:message-id:to:from:date :delivered-to; bh=frcD2ZihnPTdI0JKkQmSAiQuwEHFjHKLLh0mQ/kGRgw=; b=R6IS1MVXVbXOG/tSZl6Z2ANfZdn8EhVqIPV+muhP/WfH/9jT81gWw7HzB839lhAtqp Z6VctcsCDQDMMNJUKbgZj/14/ic8Px4qA7UzbTQfsgnhrGs2xyOJLvTw0XHcKJlabhZc uR/EcptNbDP/0hiv9RKk4F49JwgyjfYP4hoqyY4TWh8tsmbSDVueY56P0P2NTt3fYJRN Fv3gZ558pW8qWxvYenD99WEN3eb1u7uyryGs8jaezGnKt8gY3Gmr5jDkhLFZvEOidXym 7vxhO27XfqHeSOB/bbVDmzJWvmfT5tbwXedqBmwOwqBa1sfnc3UO3HITNzQFPyGzg6+h caOw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id da22si14382540edb.500.2021.08.08.10.22.07; Sun, 08 Aug 2021 10:22:08 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 4E52168A318; Sun, 8 Aug 2021 20:22:03 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from nef.ens.fr (nef2.ens.fr [129.199.96.40]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 6896D6883DD for ; Sun, 8 Aug 2021 20:21:57 +0300 (EEST) X-ENS-nef-client: 129.199.129.80 ( name = phare.normalesup.org ) Received: from phare.normalesup.org (phare.normalesup.org [129.199.129.80]) by nef.ens.fr (8.14.4/1.01.28121999) with ESMTP id 178HLtwd017198 for ; Sun, 8 Aug 2021 19:21:56 +0200 Received: by phare.normalesup.org (Postfix, from userid 1001) id AE563E62AD; Sun, 8 Aug 2021 19:21:55 +0200 (CEST) Date: Sun, 8 Aug 2021 19:21:55 +0200 From: Nicolas George To: ffmpeg-devel@ffmpeg.org Message-ID: MIME-Version: 1.0 Content-Disposition: inline X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (nef.ens.fr [129.199.96.32]); Sun, 08 Aug 2021 19:21:56 +0200 (CEST) Subject: [FFmpeg-devel] [PATCH] [fateserver] Cleanup and security strengthening X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: LCwZJD2ejxX/ Hi. Here is a patch series for fateserver, to fix warnings and enable Perl's taint checks, thus protecting against a whole class of security issues. There would be more work to make this really clean, but I need to wait for my ISP to fix its crap before I can do it comfortably. If it looks to work correctly on the real or beta server and it is confirmed that the recent issue is avoided, please feel free to apply without waiting for me. Regards, diff --git a/FATE.pm b/FATE.pm index 50b5c69..27bd960 100644 --- a/FATE.pm +++ b/FATE.pm @@ -28,9 +28,9 @@ BEGIN { @EXPORT = qw/split_header split_config split_rec parse_date agestr split_stats load_summary load_report load_lastpass start end tag h1 span trow trowa trowh th td anchor - head1 head2 head3 footer - fail $fatedir $recent_age $ancient_age $hidden_age href - $gitweb/; + head1 head2 head3 footer href + fail + $fatedir $recent_age $ancient_age $hidden_age $gitweb/; } our $fatedir = "/var/www/fateweb";