Bug#834213: perlcritic: some code causes a perltidy.ERR file to be created or overwritten

Don Armstrong don at debian.org
Mon May 15 14:51:57 UTC 2017


Control: clone -1 -2
Control: affects -2 perlcritic
Control: tag -1 - security
Control: severity -2 important

On Mon, 15 May 2017, Jakub Wilk wrote:
> Control: tags -1 + security
> 
> * Paul Wise <pabs at debian.org>, 2016-08-13, 15:09:
> > There is some code which causes perlcritic to create or overwrite a
> > perltidy.ERR file in the current directory.
> 
> Perl::Tidy tries to delete existing perltidy.ERR; but if deleting fails, it
> proceeds as if nothing happened. This can be abused to overwrite arbitrary
> files via symlink attack:

Yeah, this definitely looks like a bug in perltidy. I've cloned and
reassigned this to perltidy since the underlying security issue needs to
be fixed there.

Perlcritic can work around it by using -se et al.

-- 
Don Armstrong                      https://www.donarmstrong.com

Whatever you do will be insignificant, but it is very important that
you do it.
 -- Mohandas Karamchand Gandhi
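The quoted report describes the root cause in two sentences: Perl::Tidy unlinks any existing perltidy.ERR, ignores a failed unlink, and then opens the name for writing, so a symlink left at that name is followed. The following is an added example of the defensive pattern this calls for; it is not code from Perl::Tidy or perlcritic. The helper name write_error_file, the slurp helper and the scratch-directory setup are assumptions made for the demonstration.

```perl
#!/usr/bin/perl
# Added example, not Perl::Tidy or perlcritic code.  Writes a fixed-name
# report such as perltidy.ERR into the current directory without writing
# through a pre-existing symlink and without ignoring a failed unlink.
use strict;
use warnings;
use Errno qw(ENOENT);
use Fcntl qw(O_WRONLY O_CREAT O_EXCL O_NOFOLLOW);
use File::Temp qw(tempdir);

# Hypothetical helper.  Returns 1 when the report was written, 0 when it
# was refused (with the reason on STDERR instead of silently continuing).
sub write_error_file {
    my ($path, $text) = @_;

    # Remove any stale file first.  A failed unlink is acceptable only when
    # nothing was there (ENOENT).  EACCES/EPERM (for example a sticky,
    # shared directory) means this name is not ours to control: stop here.
    if (!unlink($path) && $! != ENOENT) {
        warn "refusing: cannot remove stale $path: $!\n";
        return 0;
    }

    # O_EXCL: fail if a name reappeared between unlink and open (race).
    # O_NOFOLLOW: fail with ELOOP rather than write through a symlink.
    my $fh;
    if (!sysopen($fh, $path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0644)) {
        warn "refusing: cannot create $path: $!\n";
        return 0;
    }
    print {$fh} $text;
    close($fh) or do { warn "write to $path failed: $!\n"; return 0 };
    return 1;
}

sub slurp {
    my ($f) = @_;
    open(my $h, '<', $f) or die "$f: $!";
    local $/;
    my $s = <$h>;
    close $h;
    return $s;
}

# Demonstration in a scratch directory (constructed; no real perlcritic run).
my $dir = tempdir(CLEANUP => 1);
chdir $dir or die "chdir $dir: $!";

# A file standing in for something that must not be overwritten.
open(my $t, '>', 'victim.txt') or die "victim.txt: $!";
print {$t} "original contents\n";
close $t;

# 1. Nothing at the name: the report is written normally.
printf "fresh name:            %s\n",
    write_error_file('perltidy.ERR', "report 1\n") ? 'written' : 'refused';
unlink 'perltidy.ERR';

# 2. A symlink at the name, in a directory we own.  unlink removes the link
#    itself, not its target, so the report lands in a new regular file.
symlink('victim.txt', 'perltidy.ERR') or die "symlink: $!";
printf "symlink, unlink ok:    %s\n",
    write_error_file('perltidy.ERR', "report 2\n") ? 'written' : 'refused';

# 3. The case from the bug report: the symlink is there and unlink cannot
#    remove it.  A read-only directory stands in for a shared sticky
#    directory owned by someone else (run as a non-root user).  A plain
#    open(..., '>', 'perltidy.ERR') would follow the link and overwrite
#    victim.txt; this helper refuses at the unlink check instead.
mkdir 'ro' or die "mkdir ro: $!";
symlink('../victim.txt', 'ro/perltidy.ERR') or die "symlink: $!";
chmod 0555, 'ro';
chdir 'ro' or die "chdir ro: $!";
printf "symlink, unlink fails: %s\n",
    write_error_file('perltidy.ERR', "report 3\n") ? 'written' : 'refused';
chdir '..' or die "chdir ..: $!";
chmod 0755, 'ro';    # let tempdir CLEANUP remove it

printf "victim.txt intact:     %s\n",
    slurp('victim.txt') eq "original contents\n" ? 'yes' : 'NO';
```

The two checks are independent: the unlink test stops the tool when the directory is not under its control, and O_EXCL|O_NOFOLLOW on the open stops it if a link is put back between the unlink and the open. perlcritic's own workaround from the message above (passing -se and similar options so perltidy reports to STDERR instead of a file) sidesteps the file entirely.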