dpkg.in.diff (escaping system/open calls)
- From: Leonard den Ottolander <leonard den ottolander nl>
- To: MC Devel <mc-devel gnome org>
- Subject: dpkg.in.diff (escaping system/open calls)
- Date: Fri, 20 Aug 2004 18:55:07 +0200
Hi,
Ok, dpkg.in checked for missing escapes on calls to system and opens
that spawn a shell. See attached dpkg.in.diff.
Leonard.
--
mount -t life -o ro /dev/dna /genetic/research
--- dpkg.in.000 2002-12-24 07:33:46.000000000 +0100
+++ dpkg.in 2004-08-20 18:53:10.000000000 +0200
@@ -183,20 +183,22 @@ sub list
sub copyout
{
my($archive,$filename) = @_;
+ my $qfilename = $filename;
+ $qfilename =~ s/([^\w\/.+-])/\\$1/g;
if( $archive eq 'DIVERSIONS' ) {
- system("dpkg-divert --list > $filename 2>/dev/null");
+ system("dpkg-divert --list > $qfilename 2>/dev/null");
} elsif( $archive eq 'ARCHITECTURE' ) {
- system("dpkg-architecture > $filename 2>/dev/null");
+ system("dpkg-architecture > $qfilename 2>/dev/null");
} elsif( $archive eq 'LIST' ) {
- system("dpkg -l '*' > $filename 2>/dev/null");
+ system("dpkg -l '*' > $qfilename 2>/dev/null");
} elsif( $archive eq 'AUDIT' ) {
- system("dpkg --audit > $filename 2>/dev/null");
+ system("dpkg --audit > $qfilename 2>/dev/null");
} elsif( $archive eq 'GET-SELECTIONS' ) {
- system("dpkg --get-selections > $filename 2>/dev/null");
+ system("dpkg --get-selections > $qfilename 2>/dev/null");
} elsif( $archive eq 'STATUS' ) {
- system("cp /var/lib/dpkg/status $filename");
+ system("cp /var/lib/dpkg/status $qfilename");
} elsif( $archive eq 'AVAILABLE' ) {
- system("cp /var/lib/dpkg/available $filename");
+ system("cp /var/lib/dpkg/available $qfilename");
} elsif( $archive eq 'CONFIGURE' ) {
open O, ">$filename";
print O $pressconfigure;
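Review bot: The backslash escape added at the top of copyout (`s/([^\w\/.+-])/\\$1/g`) mishandles a newline in `$filename`, because the shell treats backslash-newline as a line continuation and drops it, so the redirect or `cp` target is not the path that was passed in. Single-quoting is more predictable: `(my $qfilename = $filename) =~ s/'/'\\''/g;` and then `> '$qfilename'` in each command. The same two lines are repeated in copyin and rm_disabled, so a shared helper sub would keep the three copies from drifting. The CONFIGURE branch (context line `open O, ">$filename";`) still uses two-arg open with the raw name, which trims whitespace and gives a leading `>` or `&` special meaning; `open O, '>', $filename or die "extfs: $filename: $!\n";` avoids that. copyout continues past the end of the hunk.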
@@ -224,8 +226,10 @@ sub copyout
sub copyin
{
my($archive,$filename) = @_;
+ my $qfilename = $filename;
+ $qfilename =~ s/([^\w\/.+-])/\\$1/g;
if( $archive =~ /\.deb$/ ) {
- system("dpkg -i $filename>/dev/null");
+ system("dpkg -i $qfilename>/dev/null");
} else {
die "extfs: cannot create regular file \`$archive\': Permission denied\n";
}
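Review bot: `-` is in the set of characters the escape leaves alone, so in `dpkg -i $qfilename>/dev/null` a name that begins with `-` is parsed by dpkg as an option rather than as a file. Whether mc can hand copyin such a name is not visible here, but anchoring relative names is cheap: `$qfilename = "./$qfilename" if $qfilename =~ /^-/;`. The same applies to the `cp` destinations in copyout. The status of this `system` call is also never checked, unlike rm_disabled which dies on `$? != 0`, so nothing in this hunk signals a failed install to the caller. copyin's body ends outside the hunk.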
@@ -252,12 +256,13 @@ sub rm_disabled
{
my($archive) = @_;
if( $archive =~ /\.debd?$/ ) {
- my $name = $archive;
- $name =~ s%.*/%%g;
- $name =~ s%_.*%%g;
- system("if dpkg -s $name | grep ^Status | grep -qs config-files; \
- then dpkg --purge $name>/dev/null; \
- else dpkg --remove $name>/dev/null; fi");
+ my $qname = $archive;
+ $qname =~ s%.*/%%g;
+ $qname =~ s%_.*%%g;
+ $qname =~ s/([^\w\/.+-])/\\$1/g;
+ system("if dpkg -s $qname | grep ^Status | grep -qs config-files; \
+ then dpkg --purge $qname>/dev/null; \
+ else dpkg --remove $qname>/dev/null; fi");
die("extfs: $archive: Operation not permitted\n") if $? != 0;
} else {
die "extfs: $archive: Operation not permitted\n";
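Review bot: After the two strip substitutions `$qname` can be empty (for example when the archive's base name starts with `_`), and escaping does nothing for that case, so `dpkg -s` and `dpkg --purge`/`--remove` would run with no package argument. Because the value is meant to be a Debian package name, checking it against the allowed name syntax is stronger than escaping it: `die "extfs: $archive: Operation not permitted\n" unless $qname =~ /\A[a-z0-9][a-z0-9+.-]+\z/;`. With that check in place the backslash substitution before the `system` call is no longer needed. The variable is also called `$qname` before it has been quoted; keeping `$name` for the raw value would read more clearly. The function's closing lines are outside the hunk.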