Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
emulab
emulab-devel
Commits
1edc8ea8
Commit
1edc8ea8
authored
Feb 16, 2004
by
Leigh B. Stoller
Browse files
Add proper taint checking since these scripts are called from ops by
mere users.
parent
d0293b2c
Changes
3
Hide whitespace changes
Inline
Side-by-side
db/readycount.in
View file @
1edc8ea8
#!/usr/bin/perl -w
#!/usr/bin/perl -w
T
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-200
3
University of Utah and the Flux Group.
# Copyright (c) 2000-200
4
University of Utah and the Flux Group.
# All rights reserved.
#
...
...
@@ -54,8 +54,39 @@ if (($opt{p} && (@ARGV < 1)) || (!$opt{p} && (@ARGV < 2))) {
my ($pid, $eid);
if (!$opt{p}) {
($pid, $eid) = (shift @ARGV, shift @ARGV);
#
# Untaint args.
#
if ($pid =~ /^([-\w]+)$/) {
$pid = $1;
}
else {
die("*** Bad data in pid: $pid.\n");
}
if ($eid =~ /^([-\w]+)$/) {
$eid = $1;
}
else {
die("*** Bad data in eid: $eid.\n");
}
}
#
# Scan the rest of the arguments, doing a generic taint check. More
# specific patterns are below.
#
my @nodes = ();
foreach my $arg (@ARGV) {
if ($arg =~ /^([-\w\.]+)$/) {
$arg = $1;
}
else {
die("*** Bad data in arg: $arg.\n");
}
push(@nodes, $arg);
}
my @nodes = @ARGV;
if ($opt{h}) {
exit &usage;
...
...
tbsetup/portstats.in
View file @
1edc8ea8
#!/usr/bin/perl
#!/usr/bin/perl
-T
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-200
3
University of Utah and the Flux Group.
# Copyright (c) 2000-200
4
University of Utah and the Flux Group.
# All rights reserved.
#
...
...
@@ -83,9 +83,38 @@ if (!$opt{p}) {
exit &usage;
}
($pid,$eid) = (shift,shift);
#
# Untaint args.
#
if ($pid =~ /^([-\w]+)$/) {
$pid = $1;
}
else {
die("*** Bad data in pid: $pid.\n");
}
if ($eid =~ /^([-\w]+)$/) {
$eid = $1;
}
else {
die("*** Bad data in eid: $eid.\n");
}
}
my @passedPorts = @ARGV;
#
# Scan the rest of the arguments, doing a generic taint check. More
# specific patterns are below.
#
my @passedPorts = ();
foreach my $arg (@ARGV) {
if ($arg =~ /^([-\w\.]+)$/) {
$arg = $1;
}
else {
die("*** Bad data in arg: $arg.\n");
}
push(@passedPorts, $arg);
}
#
# This hash is used to create colmn headers and the format string
...
...
tbsetup/savelogs.in
View file @
1edc8ea8
#!/usr/bin/perl
#!/usr/bin/perl
-wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# Copyright (c) 2000-2002
, 2004
University of Utah and the Flux Group.
# All rights reserved.
#
...
...
@@ -32,12 +32,35 @@ use libtestbed;
#
$|
=
1
;
#
# Untaint the path
#
$ENV
{'
PATH
'}
=
"
/bin:/sbin:/usr/bin:/usr/sbin
";
delete
@ENV
{'
IFS
',
'
CDPATH
',
'
ENV
',
'
BASH_ENV
'};
if
(
@ARGV
!=
2
)
{
&usage
;
}
my
(
$pid
,
$eid
)
=
@ARGV
;
#
# Untaint args.
#
if
(
$pid
=~
/^([-\w]+)$/
)
{
$pid
=
$
1
;
}
else
{
die
("
*** Bad data in pid:
$pid
.
\n
");
}
if
(
$eid
=~
/^([-\w]+)$/
)
{
$eid
=
$
1
;
}
else
{
die
("
*** Bad data in eid:
$eid
.
\n
");
}
# XXX: This may need to be changed for use outside Utah
my
$logdir
=
"
/n/plastic/var/log/tiplogs
";
my
$tiplogdir
=
"
/proj/
$pid
/tiplogs
";
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment