apt.in.diff (escaping system/open calls)
- From: Leonard den Ottolander <leonard den ottolander nl>
- To: MC Devel <mc-devel gnome org>
- Subject: apt.in.diff (escaping system/open calls)
- Date: Fri, 20 Aug 2004 19:13:01 +0200
Hi,
Ok, apt.in checked for missing escapes on calls to system and opens
that spawn a shell. See attached apt.in.diff.
Some questions:
line 135: if ( open(PIPEIN, "find /var/cache/apt/archives -type f |") ) {
What about found files in that directory? Should the output of find also be escaped?
idem line 190: open STAT, "apt-cache dumpavail |"
Leonard.
--
mount -t life -o ro /dev/dna /genetic/research
--- apt.in.000 2002-12-24 07:33:46.000000000 +0100
+++ apt.in 2004-08-20 19:07:57.000000000 +0200
@@ -229,14 +229,18 @@ sub list
sub copyout
{
my($archive,$filename) = @_;
+ my $qarchive = $archive;
+ $qarchive =~ s/([^\w\/.+-])/\\$1/g;
+ my $qfilename = $filename;
+ $qfilename =~ s/([^\w\/.+-])/\\$1/g;
if( $archive eq 'CHECK' ) {
- system("apt-get -q check > $filename");
+ system("apt-get -q check > $qfilename");
} elsif( $archive eq 'AVAILABLE' ) {
- system("apt-cache dumpavail > $filename");
+ system("apt-cache dumpavail > $qfilename");
} elsif( $archive eq 'STATS' ) {
- system("apt-cache stats > $filename");
+ system("apt-cache stats > $qfilename");
} elsif( $archive eq 'CONFIG' ) {
- system("(apt-config dump 2>&1) > $filename");
+ system("(apt-config dump 2>&1) > $qfilename");
} elsif( $archive eq 'UPDATE' ) {
open O, ">$filename";
print O $pressupdate;
@@ -246,12 +250,12 @@ sub copyout
print O $pressupgrade;
close O;
} elsif( $archive eq 'apt.conf' ) {
- system("cp /etc/apt/apt.conf $filename");
+ system("cp /etc/apt/apt.conf $qfilename");
} elsif( $archive eq 'sources.list' ) {
- system("cp /etc/apt/sources.list $filename");
+ system("cp /etc/apt/sources.list $qfilename");
} elsif( $archive =~ /^CACHE\// ) {
$archive =~ s%^CACHE/%/var/cache/apt/archives/%;
- system("cp $archive $filename");
+ system("cp $qarchive $qfilename");
} else {
open O, ">$filename";
print O $archive, "\n";
@@ -262,15 +266,19 @@ sub copyout
sub copyin
{
my($archive,$filename) = @_;
+ my $qarchive = $archive;
+ $qarchive =~ s/([^\w\/.+-])/\\$1/g;
+ my $qfilename = $filename;
+ $qfilename =~ s/([^\w\/.+-])/\\$1/g;
if( $archive =~ /\.deb$/ ) {
- system("dpkg -i $filename>/dev/null");
+ system("dpkg -i $qfilename>/dev/null");
} elsif( $archive eq 'apt.conf' ) {
- system("cp $filename /etc/apt/apt.conf");
+ system("cp $qfilename /etc/apt/apt.conf");
} elsif( $archive eq 'sources.list' ) {
- system("cp $filename /etc/apt/sources.list");
+ system("cp $qfilename /etc/apt/sources.list");
} elsif( $archive =~ /^CACHE\// ) {
$archive =~ s%^CACHE/%/var/cache/apt/archives/%;
- system("cp $filename $archive");
+ system("cp $qfilename $qarchive");
} else {
die "extfs: cannot create regular file \`$archive\': Permission denied\n";
}
@@ -293,19 +301,21 @@ sub run
sub rm
{
my($archive) = @_;
+ my $qarchive = $archive;
+ $qarchive =~ s/([^\w\/.+-])/\\$1/g;
if( $archive =~ /^CACHE\// ) {
$archive =~ s%^CACHE/%/var/cache/apt/archives/%;
- system("rm -f $archive");
+ system("rm -f $qarchive");
} elsif( $archive eq 'apt.conf' ) {
system("rm -f /etc/apt/apt.conf");
} elsif( $archive eq 'sources.list' ) {
system("rm -f /etc/apt/sources.list");
} elsif( $archive =~ /\.debd?$/ ) {
# uncommented and changed to use dpkg - alpha
- my $name = $archive;
- $name =~ s%.*/%%g;
- $name =~ s%_.*%%g;
- system("dpkg --remove $name >/dev/null");
+ my $qname = $qarchive;
+ $qname =~ s%.*/%%g;
+ $qname =~ s%_.*%%g;
+ system("dpkg --remove $qname >/dev/null");
die("extfs: $archive: Operation not permitted\n") if $? != 0;
} else {
die "extfs: $archive: Operation not permitted\n";
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]