Commit 8797364b authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Fix taint checks; allow + signs in filenames.

parent 1d4c6fe9
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# Copyright (c) 2000-2004 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
......@@ -108,7 +108,7 @@ $rpm = $ARGV[0];
# Untaint the arguments.
#
# Note different taint check (allow /).
if ($rpm =~ /^([-\w.\/]+)$/) {
if ($rpm =~ /^([-\w.\/\+]+)$/) {
$rpm = $1;
}
else {
......@@ -129,7 +129,7 @@ if (-e $IDENTFILE) {
fatal("Could not open $IDENTFILE: $!");
}
while (<IDENT>) {
if ($_ =~ /^([-\w\.\/]*) ([\d]*) ([\w]*)$/) {
if ($_ =~ /^([-\w\.\/\+]*) ([\d]*) ([\w]*)$/) {
my $file = $1;
my $stamp= $2;
my $md5 = $3;
......
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# Copyright (c) 2000-2004 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
......@@ -122,7 +122,7 @@ $tarfile = $ARGV[1];
# Untaint the arguments.
#
# Note different taint check (allow /).
if ($tarfile =~ /^([-\w.\/]+)$/) {
if ($tarfile =~ /^([-\w.\/\+]+)$/) {
$tarfile = $1;
}
else {
......@@ -156,7 +156,7 @@ if (-e $IDENTFILE) {
fatal("Could not open $IDENTFILE: $!");
}
while (<IDENT>) {
if ($_ =~ /^([-\w\.\/]*) ([\d]*) ([\w]*)$/) {
if ($_ =~ /^([-\w\.\/\+]*) ([\d]*) ([\w]*)$/) {
my $file = $1;
my $stamp= $2;
my $md5 = $3;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment