authorBenjamin Kellermann <Benjamin.Kellermann@gmx.de>2009-06-08 11:17:32 +0200
committerBenjamin Kellermann <Benjamin.Kellermann@gmx.de>2009-06-08 11:17:32 +0200
commit8d39350677660d114502ceb48bd067c74339ece3 (patch)
tree3375a498f59b9ec33317a3eca99f48f76f769f37
parent71648b733395713000b5016e6319b5df14fdc634 (diff)
Security bugfix: bzr.rb could be exploited
-rw-r--r--bzr.rb4
-rwxr-xr-xconfig.cgi7
-rw-r--r--participate.rb2
3 files changed, 4 insertions, 9 deletions
diff --git a/bzr.rb b/bzr.rb
index cd1fe20..c3f4190 100644
--- a/bzr.rb
+++ b/bzr.rb
@@ -13,7 +13,7 @@ class VCS
end
def VCS.cat revision, file
- `#{BZRCMD} cat -r #{revision} #{file}`
+ `#{BZRCMD} cat -r #{revision.to_i} #{file}`
end
def VCS.history
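Review bot: `VCS.cat` still interpolates `file` into a shell command string, and `VCS.commit` in the next hunk does the same with `comment`, where switching the quoting from `'` to `"` does not stop a `"`, `$` or backtick inside the comment from being interpreted by the shell. The callers visible in config.cgi and participate.rb pass the literal "data.yaml" as `file`, so the cat path is only as safe as every future caller, while the commit path presumably receives user-supplied text. Both become shell-free by passing an argv array, which `IO.popen` executes without a shell while still returning stdout as the backticks did: `IO.popen([BZRCMD, "cat", "-r", revision.to_i.to_s, file], &:read)` and `IO.popen([BZRCMD, "commit", "-m", comment], &:read)`. This assumes BZRCMD names a bare executable rather than a command string with embedded options, which the hunk does not show.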
@@ -21,6 +21,6 @@ class VCS
end
def VCS.commit comment
- `#{BZRCMD} commit -m '#{comment}'`
+ `#{BZRCMD} commit -m \"#{comment}\"`
end
end
diff --git a/config.cgi b/config.cgi
index ec16bdb..107e2a6 100755
--- a/config.cgi
+++ b/config.cgi
@@ -33,12 +33,7 @@ require "poll"
require "datepoll"
Dir.chdir(olddir)
-if $cgi.include?("revision")
- REVISION=$cgi["revision"].to_i
- table = YAML::load(VCS.cat(REVISION, "data.yaml"))
-else
- table = YAML::load_file("data.yaml")
-end
+table = YAML::load_file("data.yaml")
$htmlout = <<HTMLHEAD
<head>
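Review bot: With the `revision` branch removed, config.cgi now silently ignores a `revision` query parameter while participate.rb (next file) still honours it, and nothing in the hunk records that the omission is deliberate; a one-line comment above the load, e.g. `# historical revisions are intentionally not shown here; only participate.rb honours the revision parameter`, would keep a later maintainer from reintroducing the old branch. If any code after this hunk still references the removed `REVISION` constant it would now raise NameError, but that cannot be confirmed from the lines shown.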
diff --git a/participate.rb b/participate.rb
index 744f157..2fd057e 100644
--- a/participate.rb
+++ b/participate.rb
@@ -11,7 +11,7 @@ require "datepoll"
Dir.chdir(olddir)
if $cgi.include?("revision")
- REVISION=$cgi["revision"].to_i
+ REVISION=$cgi["revision"]
table = YAML::load(VCS.cat(REVISION, "data.yaml"))
else
table = YAML::load_file("data.yaml")