From 5b7edbf2a43b81e19adfbe6ed915798f55292f3d Mon Sep 17 00:00:00 2001
From: joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>
Date: Sat, 13 Oct 2007 22:18:33 +0000
Subject: [PATCH] untaint plugin filename, will be tainted if specified at the
 command line

---
 IkiWiki/Plugin/external.pm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/IkiWiki/Plugin/external.pm b/IkiWiki/Plugin/external.pm
index 9c31a70eb..f76b42c99 100644
--- a/IkiWiki/Plugin/external.pm
+++ b/IkiWiki/Plugin/external.pm
@@ -20,7 +20,8 @@ sub import { #{{{
 	return unless defined $plugin;
 
 	my ($plugin_read, $plugin_write);
-	my $pid = open2($plugin_read, $plugin_write, $plugin);
+	my $pid = open2($plugin_read, $plugin_write,
+		IkiWiki::possibly_foolish_untaint($plugin));
 
 	# open2 doesn't respect "use open ':utf8'"
 	binmode($plugin_read, ':utf8');
-- 
2.39.5