[pLog-svn] Glob::myFnmatch should be case-sensitive or not?
Mark Wu
mark.wu at markplace.net
Tue Jul 18 07:59:07 GMT 2006
I just find a security issue. It seems harmless, I guess ...
I found if we use our own fnmatch function, it is case sensitive.
So, If I do not allow user upload "*.exe" into the reosurce center. It only
ban a.exe, but not A.EXE or a.Exe ..
Should we modify it to case-insensitive?
Mark
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http:// devel.lifetype.net/pipermail/plog-svn/attachments/20060718/fcc387ab/attachment.html
More information about the pLog-svn
mailing list