[Biopython-dev] [Bug 2508] NCBIStandalone.blastall: provide support for '-F F' and make it safe

bugzilla-daemon at portal.open-bio.org bugzilla-daemon at portal.open-bio.org
Wed Jun 18 12:01:11 UTC 2008


------- Comment #3 from biopython-bugzilla at maubp.freeserve.co.uk  2008-06-18 08:01 EST -------
Created an attachment (id=946)
 --> (http://bugzilla.open-bio.org/attachment.cgi?id=946&action=view)
Patch to Bio/Blast/NCBIStandalone.py and Tests/test_NCBIStandalone.py

Suggested patch for the command injection risk.

Can anyone think of a legitimate reason for a ; or & character in the
parameters of a BLAST command line?  This patch is very simple and will reject
any keyword parameter containing the ; or && characters.

Configure bugmail: http://bugzilla.open-bio.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the Biopython-dev mailing list