From 86cde73a97bf34ab9f5c41896eb2b56390eda1ff Mon Sep 17 00:00:00 2001
From: Andrew Colin Kissa <andrew@topdog.za.net>
Date: Fri, 23 Feb 2018 09:40:43 +0200
Subject: [PATCH] FIX: Untaint the $safename var in unpack7zip

Prevent the taint error in open when the file is encrypted.
---
 common/usr/share/MailScanner/perl/MailScanner/Message.pm | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/common/usr/share/MailScanner/perl/MailScanner/Message.pm b/common/usr/share/MailScanner/perl/MailScanner/Message.pm
index 859bd7b..2ea7770 100644
--- a/common/usr/share/MailScanner/perl/MailScanner/Message.pm
+++ b/common/usr/share/MailScanner/perl/MailScanner/Message.pm
@@ -3189,6 +3189,8 @@ sub Unpack7zip {
     $nopathname = $name;
     $nopathname =~ s/^.*\///;
     $safename = $this->MakeNameSafe('r'.$nopathname,$explodeinto);
+    $safename =~ m|(.*)|;
+    $safename = $1;
     $NameTwo = $safename;
     $NameTwo = $1 if $NameTwo =~ /([^\/]+)$/;
     #MailScanner::Log::InfoLog("UnPackRar: Member : %s", $member);