dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Security: use 3-form for open

Browse Source
This commit is contained in:
Xavier Guimard 2019-08-28 11:32:29 +02:00
parent fc35c17383
commit 1660109e2f
5 changed files with 16 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session.pm
View File

@ -15,7 +15,7 @@ use Lemonldap::NG::Common::Apache::Session::Serialize::JSON;
use Lemonldap::NG::Common::Apache::Session::Store;
use Lemonldap::NG::Common::Apache::Session::Lock;
our $VERSION = '2.0.0';
our $VERSION = '2.0.6';
sub _load {
my ( $backend, $func ) = @_;
@ -248,7 +248,7 @@ sub _FileGKFAS {
closedir DIR;
my %res;
for my $f (@t) {
open F, "$args->{Directory}/$f";
open F, '<', "$args->{Directory}/$f";
my $row = join '', <F>;
if ( ref($data) eq 'CODE' ) {
eval { $res{$f} = &$data( $args->{unserialize}->($row), $f ); };
@ -288,7 +288,7 @@ sub _PHPGKFAS {
closedir DIR;
my %res;
for my $f (@t) {
open F, "$args->{SavePath}/$f";
open F, '<', "$args->{SavePath}/$f";
my $row = join '', <F>;
if ( ref($data) eq 'CODE' ) {
$res{$f} =

10
lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/File.pm
View File

@ -5,7 +5,7 @@ use Lemonldap::NG::Common::Conf::Constants; #inherits
use JSON;
use Encode;
our $VERSION = '2.0.0';
our $VERSION = '2.0.6';
our $initDone;
sub Lemonldap::NG::Common::Conf::_lock {
@ -40,7 +40,7 @@ sub available {
closedir D;
@conf =
sort { $a <=> $b }
map { /lmConf-(\d+)(?:\.js(?:on))?/ ? ( $1 + 0 ) : () } @conf;
map { /lmConf-(\d+)(?:\.js(?:on))?/ ? ( $1 + 0 ) : () } @conf;
return @conf;
}
@ -106,7 +106,7 @@ sub load {
if ($filename) {
local $/ = '';
my $ret;
unless ( open FILE, $filename ) {
unless ( open FILE, '<', $filename ) {
$Lemonldap::NG::Common::Conf::msg .= "Read error: $!$@";
return undef;
}
@ -124,9 +124,9 @@ sub load {
# Old format
elsif ( -e "$self->{dirName}/lmConf-$cfgNum" ) {
open FILE, "$self->{dirName}/lmConf-$cfgNum" or die "$!$@";
open FILE, '<', "$self->{dirName}/lmConf-$cfgNum" or die "$!$@";
local $/ = "";
unless ( open FILE, $self->{dirName} . "/lmConf-$cfgNum" ) {
unless ( open FILE, '<', $self->{dirName} . "/lmConf-$cfgNum" ) {
$Lemonldap::NG::Common::Conf::msg .= "Open file failed: $! \n";
return undef;
}

4
lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/YAMLFile.pm
View File

@ -5,7 +5,7 @@ use Lemonldap::NG::Common::Conf::Constants; #inherits
use YAML qw();
use Encode;
our $VERSION = '2.0.3';
our $VERSION = '2.0.6';
our $initDone;
$YAML::Numify = 1;
@ -101,7 +101,7 @@ sub load {
$filename = $self->_yamlFile($cfgNum);
local $/ = '';
my $ret;
unless ( open FILE, $filename ) {
unless ( open FILE, '<', $filename ) {
$Lemonldap::NG::Common::Conf::msg .= "Read error: $!$@";
return undef;
}

7
lemonldap-ng-common/lib/Lemonldap/NG/Common/Notifications/File.pm
View File

@ -9,7 +9,7 @@ use strict;
use Mouse;
use MIME::Base64;
our $VERSION = '2.0.0';
our $VERSION = '2.0.6';
extends 'Lemonldap::NG::Common::Notifications';
@ -47,7 +47,7 @@ sub get {
my $files;
foreach my $file (@notif) {
unless ( open F, $self->{dirName} . "/$file" ) {
unless ( open F, '<', $self->{dirName} . "/$file" ) {
$self->logger->error(
"Unable to read notification $self->{dirName}/$file");
next;
@ -116,7 +116,8 @@ sub newNotif {
return ( 0, 'This notification still exists' ) if ( -e $filename );
my $old = ( $filename =~ /(.*?)(?:\.$ext)$/ )[0] . '.done';
return ( 0, 'This notification has been done' ) if ( -e $old );
open my $F, ">$filename" or return ( 0, "Unable to create $filename ($!)" );
open my $F, '>', $filename
or return ( 0, "Unable to create $filename ($!)" );
binmode($F);
print $F $content;
return ( 0, "Unable to close $filename ($!)" ) unless ( close $F );

4
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm
View File

@ -14,7 +14,7 @@ use Email::Sender::Transport::SMTP qw();
use MIME::Base64;
use Encode;
our $VERSION = '2.0.4';
our $VERSION = '2.0.6';
our $transport;
@ -104,7 +104,7 @@ sub translate {
my $json = $self->conf->{templateDir} . "/common/mail/$lang_code.json";
$json = $self->conf->{templateDir} . '/common/mail/en.json'
unless ( -f $json );
open F, $json
open F, '<', $json
or die 'Installation error: '
. $!
. " ($self->{conf}->{templateDir}/$lang_code.json or $self->{conf}->{templateDir}/common/mail/en.json)";