cpt

[ARCHIVED] Carbs Packaging Tools
git clone git://git.ckyln.com/~cem/cpt.git
Log | Files | Refs | README | LICENSE

commit 0f7b3adfd7dcfeec012fecffb7d011f65370766d
parent f16d3ca3e4efa3ad911fffd22da1f61564f71127
Author: Dylan Araps <dylan.araps@gmail.com>
Date:   Tue,  1 Oct 2019 22:34:34 +0300

kiss: sanitize user input when needed

Diffstat:
Mkiss | 11+++++++++++
1 file changed, 11 insertions(+), 0 deletions(-)

diff --git a/kiss b/kiss @@ -845,6 +845,17 @@ args() { # arguments despite trapping the error ('|| :'). shift "$(($# > 0 ? 1 : 0))" + # Unless this is a search, sanitize the user's input. The call to + # 'pkg_find()' supports basic globbing, ensure input doesn't expand + # to anything except for when this behavior is needed. + [ "$action" != search ] && [ "$action" != s ] && + case $* in + *[!a-zA-Z0-9_-]*) + log kiss "$action $*" + die "Arguments contain invalid characters" + ;; + esac + # Parse some arguments earlier to remove the need to duplicate code. case $action in c|checksum|s|search)