Message297468
It's certainly exploitable for remote code execution if user data allows embedded nulls (can you URL encode %00?). The fixes look fine and shouldn't cause any new issues, though I thought that fsencode() already rejected embedded nulls - maybe I'm thinking of the argument converter though, which is not invoked here. |
|
Date |
User |
Action |
Args |
2017-07-01 04:37:07 | steve.dower | set | recipients:
+ steve.dower, georg.brandl, paul.moore, larry, tim.golden, benjamin.peterson, ned.deily, zach.ware, serhiy.storchaka |
2017-07-01 04:37:07 | steve.dower | set | messageid: <1498883827.43.0.157852676739.issue30730@psf.upfronthosting.co.za> |
2017-07-01 04:37:07 | steve.dower | link | issue30730 messages |
2017-07-01 04:37:07 | steve.dower | create | |
|