entrouvert
/
glasnost
Archived
17
0
Fork 0
Code Issues Pull Requests Releases Activity

security hazard; access to self on searchCriteria

This commit is contained in:
fpeters 2004-09-20 08:17:58 +00:00
parent 96ace1f7dd
commit feb0c94e79
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
shared/server/ObjectsServer.py
View File

@ -2311,7 +2311,8 @@ class ObjectsServer(AdministrableServerMixin, Server):
continue
try:
if eval(criteria, {'object': objectCore,
'result': result}, {}):
'result': result,
'self': self}, {}):
result.append(objectId)
except Exception, e:
pass