[Biopython-dev] [Bug 2508] NCBIStandalone.blastall: provide support for '-F F' and make it safe

bugzilla-daemon at portal.open-bio.org
Wed Jun 18 12:01:11 UTC 2008


http://bugzilla.open-bio.org/show_bug.cgi?id=2508





------- Comment #3 from biopython-bugzilla at maubp.freeserve.co.uk  2008-06-18 08:01 EST -------
Created an attachment (id=946)
 --> (http://bugzilla.open-bio.org/attachment.cgi?id=946&action=view)
Patch to Bio/Blast/NCBIStandalone.py and Tests/test_NCBIStandalone.py

Suggested patch for the command injection risk.

Can anyone think of a legitimate reason for a ; or & character in the
parameters of a BLAST command line?  This patch is very simple and will reject
any keyword parameter containing the ; or && characters.


-- 
Configure bugmail: http://bugzilla.open-bio.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
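
Added example, not part of the original message or of Biopython's code: one way to combine the rejection check described in the comment above with building the blastall command as an argument list that is run without a shell, so parameter values are never parsed as shell syntax. The function names, the single-letter flag dictionary and the sample values are assumptions made for illustration; the exact check in attachment 946 is not shown on this page.

```python
import shlex
import subprocess

# Sequences the comment proposes rejecting. The exact test in attachment 946
# is not shown on this page, so this tuple is an assumption.
REJECTED = (";", "&&")

def check_param(name, value):
    """Return value as text, or raise ValueError if it holds a rejected sequence."""
    text = str(value)
    for bad in REJECTED:
        if bad in text:
            raise ValueError("parameter %s contains %r: %r" % (name, bad, text))
    return text

def build_blastall_argv(blastcmd, program, database, infile, flags=None):
    """Build the command as a list: one element per argument, no shell string."""
    argv = [blastcmd,
            "-p", check_param("program", program),
            "-d", check_param("database", database),
            "-i", check_param("infile", infile)]
    for flag, value in sorted((flags or {}).items()):
        if len(flag) != 1 or not flag.isalpha():
            raise ValueError("unexpected flag name: %r" % (flag,))
        argv += ["-" + flag, check_param(flag, value)]
    return argv

def as_logged_command(argv):
    """Quoted rendering for logs and error messages only; never executed."""
    return " ".join(shlex.quote(arg) for arg in argv)

def run_blastall(argv):
    """Run without a shell, so each value reaches blastall as one literal argument."""
    return subprocess.run(argv, shell=False, check=True, capture_output=True)

if __name__ == "__main__":
    # Constructed sample values; the database path contains a space on purpose.
    argv = build_blastall_argv("blastall", "blastp", "my db/nr", "query.fasta",
                               {"F": "F", "e": "0.001"})
    print(as_logged_command(argv))
    try:
        build_blastall_argv("blastall", "blastp", "nr", "query.fasta; x")
    except ValueError as err:
        print("rejected:", err)
```

Because the list is handed to the process API directly, a path with a space stays one argument without any quoting, and the rejection check acts as a second layer rather than the only barrier.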


