All new accounts created on Gitlab now require administrator approval. If you invite any collaborators, please let Flux staff know so they can approve the accounts.

Commit 4c85b0c4 authored by Leigh B. Stoller's avatar Leigh B. Stoller

Add more taint checking.

parent d2f6196f
#!/usr/bin/perl -w
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# Copyright (c) 2000-2004 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -25,7 +25,6 @@ sub usage()
"Options:\n".
" -d = turn on debugging\n".
" -s = Select the source of the link to determine which pipe\n".
" This is easier than using the -p option!\n".
" -m = Modify the base experiment in addition to current state.\n".
"Parameters:\n".
" BANDWIDTH=NNN - N=bandwidth (10-100000 Kbits per second)\n",
......@@ -98,6 +97,34 @@ if (defined($options{"m"})) {
}
if (defined($options{"s"})) {
$srcvnode = $options{"s"};
if ($srcvnode =~ /^([-\w]+)$/) {
$srcnode = $1;
}
else {
die("*** Bad srcvnode name: $srcvnode.\n");
}
}
#
# Untaint args.
#
if ($pid =~ /^([-\w]+)$/) {
$pid = $1;
}
else {
die("*** Bad data in pid: $pid.\n");
}
if ($eid =~ /^([-\w]+)$/) {
$eid = $1;
}
else {
die("*** Bad data in eid: $eid.\n");
}
if ($link =~ /^([-\w]+)$/) {
$link = $1;
}
else {
die("*** Bad data in link: $link.\n");
}
#
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment