protect web form parameters against malicious input

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@6896 65c4cc65-6c06-0410-ace0-fbb531ad65f3
20 years ago · ccc121825f
parent 06320f5790
commit ccc121825f
1 changed files with 6 additions and 4 deletions
--- a/contrib/scripts/vmail.cgi
+++ b/contrib/scripts/vmail.cgi
@ -545,14 +545,16 @@ _EOH
 sub message_audio()
 {
 	my ($forcedownload) = @_;
-	my $folder = param('folder');
-	my $msgid = param('msgid');
-	my $mailbox = param('mailbox');
-	my $context = param('context');
+	my $folder = &untaint(param('folder'));
+	my $msgid = &untaint(param('msgid'));
+	my $mailbox = &untaint(param('mailbox'));
+	my $context = &untaint(param('context'));
 	my $format = param('format');
 	if (!$format) {
 		$format = &getcookie('format');
 	}
+	&untaint($format);
+
 	my $path = "/var/spool/asterisk/voicemail/$context/$mailbox/$folder/msg${msgid}.$format";

 	$msgid =~ /^\d\d\d\d$/ || die("Msgid Liar ($msgid)!");