Add proper taint checking since these scripts are called from ops by

mere users.

Add proper taint checking since these scripts are called from ops by
mere users.
1edc8ea8 · Leigh B. Stoller · d0293b2c · 1edc8ea8 · 1edc8ea8 · 1edc8ea8
Commit 1edc8ea8 authored Feb 16, 2004 by Leigh B. Stoller
--- a/db/readycount.in
+++ b/db/readycount.in
-#!/usr/bin/perl -w
+#!/usr/bin/perl -wT

 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2000-2003 University of Utah and the Flux Group.
+# Copyright (c) 2000-2004 University of Utah and the Flux Group.
 # All rights reserved.
 #

@@ -54,8 +54,39 @@ if (($opt{p} && (@ARGV < 1)) || (!$opt{p} && (@ARGV < 2))) {
 my ($pid, $eid);
 if (!$opt{p}) {
    ($pid, $eid) = (shift @ARGV, shift @ARGV);
+
+    #
+    # Untaint args.
+    #
+    if ($pid =~ /^([-\w]+)$/) {
+        $pid = $1;
+    }
+    else {
+        die("*** Bad data in pid: $pid.\n");
+    }
+    if ($eid =~ /^([-\w]+)$/) {
+        $eid = $1;
+    }
+    else {
+        die("*** Bad data in eid: $eid.\n");
+    }
+}
+
+#
+# Scan the rest of the arguments, doing a generic taint check. More
+# specific patterns are below.
+# 
+my @nodes = ();
+
+foreach my $arg (@ARGV) {
+    if ($arg =~ /^([-\w\.]+)$/) {
+        $arg = $1;
+    }
+    else {
+        die("*** Bad data in arg: $arg.\n");
+    }
+    push(@nodes, $arg);
 }
-my @nodes = @ARGV;

 if ($opt{h}) {
    exit &usage;

--- a/tbsetup/portstats.in
+++ b/tbsetup/portstats.in
-#!/usr/bin/perl
+#!/usr/bin/perl -T

 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2000-2003 University of Utah and the Flux Group.
+# Copyright (c) 2000-2004 University of Utah and the Flux Group.
 # All rights reserved.
 #

@@ -83,9 +83,38 @@ if (!$opt{p}) {
 	exit &usage;
    }
    ($pid,$eid) = (shift,shift);
+
+    #
+    # Untaint args.
+    #
+    if ($pid =~ /^([-\w]+)$/) {
+        $pid = $1;
+    }
+    else {
+        die("*** Bad data in pid: $pid.\n");
+    }
+    if ($eid =~ /^([-\w]+)$/) {
+        $eid = $1;
+    }
+    else {
+        die("*** Bad data in eid: $eid.\n");
+    }
 }

-my @passedPorts = @ARGV;
+#
+# Scan the rest of the arguments, doing a generic taint check. More
+# specific patterns are below.
+# 
+my @passedPorts = ();
+foreach my $arg (@ARGV) {
+    if ($arg =~ /^([-\w\.]+)$/) {
+        $arg = $1;
+    }
+    else {
+        die("*** Bad data in arg: $arg.\n");
+    }
+    push(@passedPorts, $arg);
+}

 #
 # This hash is used to create colmn headers and the format string

--- a/tbsetup/savelogs.in
+++ b/tbsetup/savelogs.in
-#!/usr/bin/perl
+#!/usr/bin/perl -wT

 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2000-2002 University of Utah and the Flux Group.
+# Copyright (c) 2000-2002, 2004 University of Utah and the Flux Group.
 # All rights reserved.
 #

@@ -32,12 +32,35 @@ use libtestbed;
 #
 $| = 1;

+#
+# Untaint the path
+# 
+$ENV{'PATH'} = "/bin:/sbin:/usr/bin:/usr/sbin";
+delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+
 if (@ARGV != 2) {
 	&usage;
 }

 my ($pid,$eid) = @ARGV;

+#
+# Untaint args.
+#
+if ($pid =~ /^([-\w]+)$/) {
+    $pid = $1;
+}
+else {
+    die("*** Bad data in pid: $pid.\n");
+}
+if ($eid =~ /^([-\w]+)$/) {
+    $eid = $1;
+}
+else {
+    die("*** Bad data in eid: $eid.\n");
+}
+
+
 # XXX: This may need to be changed for use outside Utah
 my $logdir =	"/n/plastic/var/log/tiplogs";
 my $tiplogdir =	"/proj/$pid/tiplogs";