Security hole in multipart.cgi.in, w3mman2html.cgi.in

From: Hironori Sakamoto <h-saka@lsi.nec.co.jp>
2001-12-21 18:33:41 +00:00
parent 4678cc6395
commit 54702c4d83
4 changed files with 17 additions and 9 deletions
--- a/scripts/w3mhelp.cgi.in
+++ b/scripts/w3mhelp.cgi.in
@@ -1,5 +1,5 @@
 #!@PERL@
-# $Id: w3mhelp.cgi.in,v 1.3 2001/12/02 13:16:29 ukai Exp $
+# $Id: w3mhelp.cgi.in,v 1.4 2001/12/21 18:33:41 ukai Exp $

 $helpdir = "@HELP_DIR@";
 unshift(@INC, $helpdir);
@@ -29,7 +29,7 @@ if (defined($ENV{'QUERY_STRING'})) {
 	$tlang =~ s/\+|%([0-9A-Fa-f][0-9A-Fa-f])/$& eq '+' ? ' ' : pack('C', hex($1))/ge;
 	$tlang =~ tr/A-Z/a-z/;
 	print "tlang=$tlang\n";
-	eval qq{require "w3mhelp-funcdesc.$tlang.pl"};
+	eval {require "w3mhelp-funcdesc.$tlang.pl";};
 	if (defined(%funcdesc)) {
 	    $lang = $tlang;
 	}
@@ -37,7 +37,7 @@ if (defined($ENV{'QUERY_STRING'})) {
 }

 if (-f $keymap) {
-    open(KEYMAP, $keymap) || die "cannot open keymap: $keymap, $!";
+    open(KEYMAP, "< $keymap") || die "cannot open keymap: $keymap, $!";
    &load_keymap(*KEYMAP, $func);
    close(KEYMAP);
 }