mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

s3:script: Untaint user supplied data in modprinter.pl

spoolss_SetPrinter fails because of the error produced by modprinter.pl.

Perl error:
Insecure dependency in open while running setgid at modprinter.pl line 76.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12950

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider 2017-08-08 08:40:34 +02:00 committed by Andreas Schneider
parent f9c0a8e3e0
commit f449177435


@ -67,7 +67,14 @@ if (!defined($share_name)) {
die "share name not defined"; die "share name not defined";
} }
my $tmp = $opt_smb_conf.$$; my $smb_conf_file = $opt_smb_conf;
if ($smb_conf_file =~ /^(.*)$/) {
$smb_conf_file = $1; # untaint file name
} else {
die "Invalid file name $smb_conf_file";
}
my $tmp = $smb_conf_file.$$;
my $section = undef; my $section = undef;
my $within_section = 0; my $within_section = 0;
@ -75,7 +82,7 @@ my $found_section = 0;
open(CONFIGFILE_NEW, "+>$tmp") || die "Unable top open conf file $tmp"; open(CONFIGFILE_NEW, "+>$tmp") || die "Unable top open conf file $tmp";
open (CONFIGFILE, "+<$opt_smb_conf") || die "Unable to open config file $opt_smb_conf"; open (CONFIGFILE, "+<$smb_conf_file") || die "Unable to open config file $smb_conf_file";
while (<CONFIGFILE>) { while (<CONFIGFILE>) {
my $line = $_; my $line = $_;
chomp($_); chomp($_);
@ -123,7 +130,9 @@ close (CONFIGFILE_NEW);
if ($opt_delete && ($found_section == 0)) { if ($opt_delete && ($found_section == 0)) {
die "share $share_name not found"; die "share $share_name not found";
} }
system("cp", "$tmp", "$opt_smb_conf");
$ENV{'PATH'} = '/bin:/usr/bin'; # untaint PATH
system("cp", "$tmp", "$smb_conf_file");
unlink $tmp; unlink $tmp;
exit 0; exit 0;
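Review bot: The untaint pattern added in the first hunk, `/^(.*)$/`, accepts any single-line value, so it clears the taint flag without validating the path that then reaches the two-argument `open` calls and `cp` while the script runs setgid. An anchored allow-list keeps the protection taint mode is meant to provide, for example `if ($smb_conf_file =~ m{\A([\w./-]+)\z}) {`, with the character set adjusted to the paths that are actually permitted. The opens in the second hunk are safer in three-argument form, `open(CONFIGFILE, '+<', $smb_conf_file)`, so that leading mode characters or whitespace in the name cannot change how the file is opened. The temporary name `$smb_conf_file.$$` is predictable from the PID; whether the directory holding the config is writable by other users is not visible on this page, so that deserves a separate check.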