cpt

[ARCHIVED] Carbs Packaging Tools
git clone git://git.ckyln.com/~cem/cpt.git
Log | Files | Refs | README | LICENSE

commit bae681f84f701127275c9d48a74a640a7c89e0b6
parent 718b774f3c8b2e46362aae598ed95050bdd165e2
Author: Dylan Araps <dylan.araps@gmail.com>
Date:   Tue,  1 Oct 2019 22:48:30 +0300

kiss: more relaxed sanitization as per POSIX globbing spec.

Diffstat:
Mkiss | 5++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/kiss b/kiss @@ -858,9 +858,12 @@ args() { # Unless this is a search, sanitize the user's input. The call to # 'pkg_find()' supports basic globbing, ensure input doesn't expand # to anything except for when this behavior is needed. + # + # This handles the globbing characters '*', '!', '[' and ']' as per: + # https://pubs.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html [ "$action" != search ] && [ "$action" != s ] && case $* in - *[!a-zA-Z0-9_-]*) + *'*'*|*'!'*|*'['*|*']'*) log kiss "$action $*" die "Arguments contain invalid characters" ;;