| 1 |
From 02220ca51a25913a5b81885066ac4ff2ca2490c5 Mon Sep 17 00:00:00 2001 |
| 2 |
From: William Cohen <wcohen@redhat.com> |
| 3 |
Date: Tue, 10 May 2011 14:38:26 -0400 |
| 4 |
Subject: [PATCH 3/4] Avoid blindly source $SETUP_FILE with '.' |
| 5 |
|
| 6 |
If there could be arbitrary commands in the $SETUP_FILE, the '.' command |
| 7 |
would blindly execute them. This change limits do_load_setup to only |
| 8 |
assigning values to variables. |
| 9 |
--- |
| 10 |
utils/opcontrol | 17 +++++++++++++---- |
| 11 |
1 files changed, 13 insertions(+), 4 deletions(-) |
| 12 |
|
| 13 |
--- a/utils/opcontrol |
| 14 |
+++ b/utils/opcontrol |
| 15 |
@@ -434,9 +434,19 @@ |
| 16 |
{ |
| 17 |
if test -f "$SETUP_FILE"; then |
| 18 |
# load the actual information from file |
| 19 |
- # FIXME this is insecure, arbitrary commands could be added to |
| 20 |
- # $SETUP_FILE and be executed as root |
| 21 |
- . $SETUP_FILE |
| 22 |
+ while IFS== read -r arg val; do |
| 23 |
+ clean_arg="`echo "${arg}" | tr -cd '[:alnum:]_'`" |
| 24 |
+ clean_val="`echo "${val}" | tr -cd '[:alnum:]_:/.-'`" |
| 25 |
+ if [ "x$arg" != "x$clean_arg" ]; then |
| 26 |
+ echo "Invalid variable \"$arg\" in $SETUP_FILE." |
| 27 |
+ exit 1 |
| 28 |
+ fi |
| 29 |
+ if [ "x$val" != "x$clean_val" ]; then |
| 30 |
+ echo "Invalid value \"$val\" in $SETUP_FILE." |
| 31 |
+ exit 1 |
| 32 |
+ fi |
| 33 |
+ eval "${clean_arg}=${clean_val}" |
| 34 |
+ done < $SETUP_FILE |
| 35 |
fi |
| 36 |
} |
| 37 |
|
| 38 |
@@ -739,7 +749,6 @@ |
| 39 |
|
| 40 |
--save) |
| 41 |
error_if_empty $arg $val |
| 42 |
- error_if_not_basename $arg $val |
| 43 |
DUMP=yes |
| 44 |
SAVE_SESSION=yes |
| 45 |
SAVE_NAME=$val |
Parent Directory
| 
Revision Log