find-package: implemented protection against shell metacharacters and evil paths

There are two possibilities for protection: 1) we should protect at least from very evil shell metacharacters, like [$*], and also from [:cntrl:] (e.g. newline). 2) we can provide an exhaustive list of characters that are valid for non-evil pathnames and commands, and issue mandatory warning if the command or path appears to be evil. I chose the latter approach. Valid character range is 'A-Za-z0-9/@=.,:_+-'. Note that (almost) all files from our base build system are valid paths: $ valid='A-Za-z0-9/@=.,:_+-' $ hsh-run -- rpm -qal |grep "[^$valid]" /usr/bin/[ /usr/share/man/man1/[.1.bz2 (contains no files) (contains no files) $ Later we'll see if the range of valid characters needs to be extended.
2007-09-10 13:26:52 +04:00 · 2007-09-10 13:26:52 +04:00 · 2b1c36538f
commit 2b1c36538f
parent 9196764224
2 changed files with 9 additions and 6 deletions
--- a/scripts/find-package.in
+++ b/scripts/find-package.in
@ -272,15 +272,21 @@ FindPackage()
 	local f="$1" r; shift || return
 	for r; do
 		local Verbose=Verbose
+		# Only these characters are allowed for pathnames or commands:
+		valid='A-Za-z0-9/@=.,:_+-'
 		case "$r" in
+			/*[!"$valid"]*)
+				Info "$f: invalid pathname: $r" ;;
 			/*)
 				FindByPath "$f" "$r" ;;
 			*/*)
-				Info "$f: invalid pathname $r" ;;
+				Info "$f: invalid pathname: $r" ;;
 			-*)
-				Info "$f: invalid command $r" ;;
+				Info "$f: invalid command: $r" ;;
+			*[!"$valid"]*)
+				Info "$f: invalid command: $r" ;;
 			'')
-				;;
+				Verbose "$f: empty command?"
 			*)
 				FindByName "$f" "$r" ;;
 		esac
--- a/scripts/shell.req.in
+++ b/scripts/shell.req.in
@ -61,9 +61,6 @@ ShellReq()
 	dname=${f#${RPM_BUILD_ROOT-}}
 	dname=${dname%/*}
 	for r in $reqs; do
-		if [ -z "${r/*\$*}" ]; then
-			continue
-		fi
 		case "$(type -t -- "$r")" in
 			alias|keyword|function|builtin)
 				continue ;;