Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Backport 7.6] Address flaw in CGI mapfile loading that makes it possible to bypass security controls (#6313) (#6314) #6315

Merged
merged 1 commit into from
Apr 30, 2021

Conversation

rouault
Copy link
Contributor

@rouault rouault commented Apr 30, 2021

No description provided.

…security controls (MapServer#6313) (MapServer#6314)

* Create coverity-scan.yml

* Update coverity-scan.yml

* Avoid resource leak... (CID 1503409)

* Revert "Avoid resource leak... (CID 1503409)"

This reverts commit 7d261af.

* Updated...

* Limit action to MapServer/MapServer repo, run every Sunday (for now).

* Always force map parameter values through validation checks. Add validation checks on environment variable names.

* msIsValidRegex(): fix memleak

Co-authored-by: Even Rouault <even.rouault@spatialys.com>
@rouault rouault added this to the 7.6.3 milestone Apr 30, 2021
@rouault rouault merged commit 927ac97 into MapServer:branch-7-6 Apr 30, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants