fixed shellcode injection vulnerability in post data parser

svn path=/trunk/; revision=39

diff --git a/write/projectmeta.cgi b/write/projectmeta.cgi
index 7f95dfd609a9288c07c0994120c2eea66d0caa74..215fe45cb1f77064183aa37c60658cdb3d1deafa 100755 (executable)
--- a/write/projectmeta.cgi
+++ b/write/projectmeta.cgi
@@ -26,9 +26,9 @@ $ACL_ADMIN || exit 0
 if [ -n "${CONTENT_LENGTH}" -a "${CONTENT_LENGTH}" -gt 0 ]; then
 (head -c "${CONTENT_LENGTH}"; echo)|sed 's/&/\n/g' \
   |sed -rn '/^((appName|appSlogan|svnRepo|gitRepo|flattrThingURL|paypalAddress|btcAddress)=.*|repoType=(svn|git)|(useFlattr|usePaypal|useBitcoin)=yes)$/{
-            s:\+: :g;s:%:\\x:g;s:^([a-zA-Z0-9_+-]+)=(.*)$:\1='"'\2'"':;p}' \
+            s:\+: :g;s:%:\\x:g;p}' \
   |while line="$(line)"; do
-    eval "$(echo -e "$line" |tr -d '\n\r')"
+    eval "$(echo -e "$line" |sed -r 's:[\n\r'\'']::g;s:^([a-zA-Z0-9_+-]+)=(.*)$:\1='"'\2'"':;')"
   done
 fi