Bug#631463: libpdf-api2-perl: Color data loaded from unicolor.txt is tainted since DSA-2265-1 fix applied
Mark van Walraven
noc at netvalue.net.nz
Fri Jun 24 03:55:28 UTC 2011
Package: libpdf-api2-perl
Version: 0.69-2
Severity: important
/usr/share/perl5/PDF/API2/Util.pm loads the %colors hash with name;value
data from /usr/share/perl5/PDF/API2/Resource/unicolor.txt, but fails to
untaint the hash key. Before the DSA-2265-1 fix, the color names were
laundered (probably unintentionally) by lc().
    %colors=();
    foreach my $dir (@INC) {
        if(-f "$dir/PDF/API2/Resource/unicolor.txt")
        {
            my ($fh,$line);
            open($fh,"$dir/PDF/API2/Resource/unicolor.txt");
            while($line=<$fh>)
            {
                next if($line=~m|^#|);
                chomp($line);
                # $name and $val were read from the file, so under -T they are
                # tainted; nothing here launders them before storing.
                my ($name,$val)=split(/\s+;\s+/,$line);
                $colors{lc $name}=$val;
            }
            close($fh);
            last;
        }
    }
    }   # closes the enclosing block in Util.pm
This causes content methods such as fillcolor() to fail taint checks
when using colour names.
Regards,
Mark.
-- System Information:
Debian Release: 5.0.8
APT prefers oldstable
APT policy: (500, 'oldstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores)
Locale: LANG=en_NZ, LC_CTYPE=en_NZ (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages libpdf-api2-perl depends on:
ii libcompress-zlib-perl 2.012-1 Perl module for creation and manip
ii perl 5.10.0-19lenny4 Larry Wall's Practical Extraction
ii ttf-dejavu 2.25-3 Metapackage to pull in ttf-dejavu-
libpdf-api2-perl recommends no packages.
libpdf-api2-perl suggests no packages.
-- no debconf information
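The following script is an added example, not code from PDF::API2 or from the bug report. It reproduces the loader pattern quoted above (split "name ; value" lines read from a filehandle into a hash) side by side with a version that launders the value through a regex capture, which is the mechanism Perl provides for untainting data. The sample lines under __DATA__ are constructed in the unicolor.txt layout, and the accepted value form (#rrggbb) is an assumption for the example; Scalar::Util::tainted() is used as the oracle for what fillcolor() would trip over.

```perl
#!/usr/bin/perl -T
# Added example (not PDF::API2's own code). Run as:  perl -T taint_colors.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Parse "name ; value" lines in the unicolor.txt layout.
#   $launder = 0 mirrors the loader in the report: values go into the hash
#              exactly as read, and stay tainted.
#   $launder = 1 validates each value against an explicit pattern and stores
#              only the captured text, which Perl treats as untainted.
# The #rrggbb value form is an assumption made for this example.
sub load_colors {
    my ($lines, $launder) = @_;
    my %colors;
    for my $line (@$lines) {
        next if $line =~ m/^#/;
        chomp(my $copy = $line);
        my ($name, $val) = split /\s+;\s+/, $copy;
        next unless defined $name && defined $val;
        if ($launder) {
            # Hash keys are never tainted in Perl; the value is what carries
            # the taint, so the value is what has to be validated.
            if ($val =~ /\A(#[0-9A-Fa-f]{6})\z/) {
                $val = $1;    # a regex capture is untainted
            } else {
                warn "skipping unexpected colour value '$val' for '$name'\n";
                next;
            }
        }
        $colors{lc $name} = $val;
    }
    return \%colors;
}

# Constructed sample, read through the DATA filehandle. Under -T every line
# read from a filehandle is tainted, just as lines from unicolor.txt are.
my @lines = <DATA>;

my $naive = load_colors(\@lines, 0);
my $safe  = load_colors(\@lines, 1);

for my $name (qw(red aliceblue bogus)) {
    my ($n, $s) = ($naive->{$name}, $safe->{$name});
    printf "%-10s naive=%-20s tainted=%d | laundered=%-10s tainted=%d\n",
        $name,
        $n // '(none)',     tainted($n) ? 1 : 0,
        $s // '(rejected)', tainted($s) ? 1 : 0;
}

__DATA__
# name ; value   (constructed sample in the unicolor.txt layout)
red ; #FF0000
AliceBlue ; #F0F8FF
bogus ; ../../not/a/colour
```

Invoked as `perl -T taint_colors.pl` (the shebang's -T alone is not enough if the interpreter is named on the command line), the naive hash reports tainted=1 for every value, including the junk "bogus" entry, while the laundered hash reports tainted=0 for the two well-formed colours and rejects the junk line with a warning. The validation pattern is the security boundary: it should describe exactly the forms the consumer accepts, not `/(.*)/`, which would silence taint mode without adding any check.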
More information about the pkg-perl-maintainers mailing list