From 6e36fdf6cc1e0aaa7ddce22ccf9e81a034f79e02 Mon Sep 17 00:00:00 2001
From: Jacob Bachmeyer <jcb@gnu.org>
Date: Fri, 14 Oct 2022 22:43:44 -0500
Subject: [PATCH] Discard names of trash files immediately after unlink

---
 gatekeeper.pl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/gatekeeper.pl b/gatekeeper.pl
index 4fe6fb7..ed9fd7e 100755
--- a/gatekeeper.pl
+++ b/gatekeeper.pl
@@ -918,6 +918,8 @@ sub scan_incoming {
   # dispose of any garbage files
   ftp_syslog('info', "Trashcanned files removed")
     if unlink @trash;
+  @trash = ();	# and empty the array to be safe, since it contained
+                # potentially arbitrary _untainted_ filenames
 
   # No possible files found, so return before we call lsof
   return () unless %possible;
-- 
2.25.1