Commit 62dc6112 authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Remove unecessary taint check. Add a check to make sure the filename

is not a directory.
parent 5ff65d25
......@@ -231,15 +231,6 @@ if ($isglobal && ($filename =~ /^\/usr\/testbed/)) {
print "*** WARNING: Writing global descriptor to $filename instead!\n";
}
# Untaint. Very silly.
if ($filename =~ /^([-\w\.\/\+]+)$/) {
$filename = $1;
}
else {
die("*** $0:\n".
" Bad filename: $filename!\n");
}
#
# Make sure real path is someplace that makes sense; remember that the
# image is created on the nodes, and it NFS mounts directories on ops.
......@@ -255,6 +246,11 @@ else {
die("*** $0:\n".
" Bad data returned by realpath: $translated\n");
}
# Make sure not a directory.
if (-d $filename) {
die("*** $0:\n".
" $filename is a directory! Must be a plain file.\n");
}
#
# The file must reside in an allowed directory. Since this script
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment