From 2c357f7cf6ff16d4d44c2dcbce8375eefe9a7c52 Mon Sep 17 00:00:00 2001
From: "git@daemon.de"
Date: Fri, 5 Jul 2013 10:10:21 +0200
Subject: [PATCH] fixed cpantester problem with taintmode unlink() call, now $tmpfile is untainted before
---
 lib/Crypt/PWSafe3.pm | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)
diff --git a/lib/Crypt/PWSafe3.pm b/lib/Crypt/PWSafe3.pm
index 4ac114e..ccf90e6 100644
--- a/lib/Crypt/PWSafe3.pm
+++ b/lib/Crypt/PWSafe3.pm
@@ -294,6 +294,18 @@ sub read {
 $this->{fd}->close();
 }
 
+sub untaint {
+ #
+ # untaint path's
+ my ($this, $path) = @_;
+ if($path =~ /([\w\-\/\\\.:]+\z)/) {
+ return $1;
+ }
+ else {
+ # fail, return unchanged
+ return $path;
+ }
+}
 
 sub save {
 #
@@ -325,8 +337,9 @@ sub save {
 $this->addheader($whatsaved);
 $this->addheader($whosaved);
- my $tmpfile = File::Spec->catfile(File::Spec->tmpdir(),
- ".vault-" . unpack("L<4", $this->random(16)));
+ my $tmpfile = $this->untaint(File::Spec->catfile(File::Spec->tmpdir(),
+ ".vault-" . unpack("L<4", $this->random(16))));
+ unlink $tmpfile;
 my $fd = new FileHandle($tmpfile, 'w') or croak "Could not open tmpfile $tmpfile: $!\n";
 $fd->binmode();
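Review bot: The regex in the new `untaint` is anchored only at the end (`\z`), so a path containing a character outside the class is not rejected but silently shortened to its trailing run (`/tmp/a b/c` comes back as `b/c`), and the `else` branch hands the still-tainted value back with no signal, so a caller under `-T` fails later at a less obvious point. For a helper whose job is to satisfy taint checks, anchor both ends and refuse rather than guess: `if ($path =~ m{\A([\w\-/\\.:]+)\z}) { return $1; }` with the fallback changed to `croak "refusing to untaint path '$path'"`. The header comment should also say that this launders rather than validates — the class still admits `..`, absolute paths and drive letters — so it is only safe on values the module built itself (the tmpdir-derived name in the next hunk), never on caller-supplied paths. `$this` is unused in the sub. The surrounding `read` and `save` bodies extend outside this hunk.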
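Review bot: The added `unlink $tmpfile;` followed by `new FileHandle($tmpfile, 'w')` opens a window in the shared tmpdir between removing the name and re-creating it; open-for-write follows symlinks, so a link planted at that name in the window would redirect the vault contents, and the file is created with umask-dependent permissions. Since the name is meant to be fresh, create it exclusively and with an explicit mode, which makes the unlink unnecessary and fails loudly if the name is taken: `my $fd = FileHandle->new($tmpfile, O_WRONLY|O_CREAT|O_EXCL, 0600) or croak "Could not create tmpfile $tmpfile: $!\n";` (needs `use Fcntl;`, which is not visible here). Note too that the name carries less randomness than it looks: the concatenation puts `unpack("L<4", ...)` in scalar context, which yields only the first 32-bit value of the 16 random bytes. `save`'s body continues outside the hunk.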