[mapserver-commits] [MapServer/MapServer] c9542d: Address flaw in CGI mapfile loading that makes it ...
Steve Lime
noreply at github.com
Fri Apr 30 13:04:28 PDT 2021
Branch: refs/heads/main
Home: https://github.com/MapServer/MapServer
Commit: c9542df1dd9604b9dcf56a6d742ad26d68ac6455
https://github.com/MapServer/MapServer/commit/c9542df1dd9604b9dcf56a6d742ad26d68ac6455
Author: Steve Lime <steve.lime at state.mn.us>
Date: 2021-04-30 (Fri, 30 Apr 2021)
Changed paths:
M mapfile.c
M mapserv.c
M mapserver.h
M mapservutil.c
Log Message:
-----------
Address flaw in CGI mapfile loading that makes it possible to bypass security controls (#6313) (#6314)
* Create coverity-scan.yml
* Update coverity-scan.yml
* Avoid resource leak... (CID 1503409)
* Revert "Avoid resource leak... (CID 1503409)"
This reverts commit 7d261af86140a491df170ba7054aa9d1aa9f3ad7.
* Updated...
* Limit action to MapServer/MapServer repo, run every Sunday (for now).
* Always force map parameter values through validation checks. Add validation checks on environment variable names.
* msIsValidRegex(): fix memleak
Co-authored-by: Even Rouault <even.rouault at spatialys.com>
More information about the mapserver-commits
mailing list