Commit 1edc8ea8 authored by Leigh B. Stoller's avatar Leigh B. Stoller

Add proper taint checking since these scripts are called from ops by mere users.
parent d0293b2c
#!/usr/bin/perl -w
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# Copyright (c) 2000-2004 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -54,8 +54,39 @@ if (($opt{p} && (@ARGV < 1)) || (!$opt{p} && (@ARGV < 2))) {
my ($pid, $eid);
if (!$opt{p}) {
($pid, $eid) = (shift @ARGV, shift @ARGV);
#
# Untaint args.
#
if ($pid =~ /^([-\w]+)$/) {
$pid = $1;
}
else {
die("*** Bad data in pid: $pid.\n");
}
if ($eid =~ /^([-\w]+)$/) {
$eid = $1;
}
else {
die("*** Bad data in eid: $eid.\n");
}
}
#
# Scan the rest of the arguments, doing a generic taint check. More
# specific patterns are below.
#
my @nodes = ();
foreach my $arg (@ARGV) {
if ($arg =~ /^([-\w\.]+)$/) {
$arg = $1;
}
else {
die("*** Bad data in arg: $arg.\n");
}
push(@nodes, $arg);
}
my @nodes = @ARGV;
if ($opt{h}) {
exit &usage;
......
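Review bot: The generic check `if ($arg =~ /^([-\w\.]+)$/) {` on the remaining arguments, and `/^([-\w]+)$/` on pid and eid, still accept values that begin with `-`, and the generic one also accepts `.` and `..`. Untainting only tells Perl the value was inspected, so if any of these strings later reach a command line or a path they could be read as an option or a parent directory. The comment says more specific patterns follow below, which is outside this hunk, so this may already be covered. If it is not, requiring a leading word character would close it: `if ($arg =~ /^(\w[-\w\.]*)$/) {`. The same patterns are used in the other two files of this commit.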
#!/usr/bin/perl
#!/usr/bin/perl -T
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# Copyright (c) 2000-2004 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -83,9 +83,38 @@ if (!$opt{p}) {
exit &usage;
}
($pid,$eid) = (shift,shift);
#
# Untaint args.
#
if ($pid =~ /^([-\w]+)$/) {
$pid = $1;
}
else {
die("*** Bad data in pid: $pid.\n");
}
if ($eid =~ /^([-\w]+)$/) {
$eid = $1;
}
else {
die("*** Bad data in eid: $eid.\n");
}
}
my @passedPorts = @ARGV;
#
# Scan the rest of the arguments, doing a generic taint check. More
# specific patterns are below.
#
my @passedPorts = ();
foreach my $arg (@ARGV) {
if ($arg =~ /^([-\w\.]+)$/) {
$arg = $1;
}
else {
die("*** Bad data in arg: $arg.\n");
}
push(@passedPorts, $arg);
}
#
# This hash is used to create colmn headers and the format string
......
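Review bot: The new shebang in this file is `#!/usr/bin/perl -T`, while the other two scripts in this commit get `-wT`, and the visible lines do not reset the environment the way the third script does. Under `-T` Perl refuses to run external commands while `$ENV{PATH}` is tainted, so if this script shells out anywhere it would die at that point; whether it does is outside the hunk. I would add `$ENV{'PATH'} = "/bin:/sbin:/usr/bin:/usr/sbin";` and `delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};` near the top, and use `-wT` unless warnings were left off on purpose. The first script's visible hunks do not show the PATH reset either.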
#!/usr/bin/perl
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# Copyright (c) 2000-2002, 2004 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -32,12 +32,35 @@ use libtestbed;
#
$| = 1;
#
# Untaint the path
#
$ENV{'PATH'} = "/bin:/sbin:/usr/bin:/usr/sbin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
if (@ARGV != 2) {
&usage;
}
my ($pid,$eid) = @ARGV;
#
# Untaint args.
#
if ($pid =~ /^([-\w]+)$/) {
$pid = $1;
}
else {
die("*** Bad data in pid: $pid.\n");
}
if ($eid =~ /^([-\w]+)$/) {
$eid = $1;
}
else {
die("*** Bad data in eid: $eid.\n");
}
# XXX: This may need to be changed for use outside Utah
my $logdir = "/n/plastic/var/log/tiplogs";
my $tiplogdir = "/proj/$pid/tiplogs";
......
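Review bot: The failure branches, for example `die("*** Bad data in pid: $pid.\n");`, print the rejected argument exactly as it was received. A value that fails `/^([-\w]+)$/` can hold control characters or terminal escape sequences, and since these scripts are run by ordinary users the message may end up in a terminal or log that someone else reads. Dropping the value, `die("*** Bad data in pid.\n");`, or replacing non-printable bytes before printing avoids that. The same messages appear in the pid, eid and arg checks of the other two files, so a single untaint helper would keep the pattern and the message in one place.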