oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixed possible vulnerability loading help files

Browse source
This commit is contained in:
Doug Bell 2010-08-11 15:54:48 -05:00
parent 39e3c4fb7c
commit 6b1e02f764
3 changed files with 17 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

12
lib/WebGUI/Operation/Help.pm
View file

@ -41,18 +41,16 @@ been already and logs errors during the load.
sub _loadHelp {
my $session = shift;
my $helpPackage = shift;
eval { WebGUI::Pluggable::load( $helpPackage ); };
if ($@) {
$session->errorHandler->error("Help failed to compile: $helpPackage. ".$@);
return {};
}
if (defined *{"$helpPackage\::HELP"}) { ##Symbol table lookup
our $table;
*table = *{"$helpPackage\::HELP"}; ##Create alias into symbol table
return $table; ##return whole hashref
}
my $load = sprintf 'use %-s; $%-s::HELP', $helpPackage, $helpPackage;
my $help = eval($load);
if ($@) {
$session->errorHandler->error("Help failed to compile: $helpPackage. ".$@);
return {};
}
return $help;
}
#-------------------------------------------------------------------