diff options
| author | H. Peter Anvin <hpa@zytor.com> | 2011-10-04 12:04:14 -0700 |
|---|---|---|
| committer | H. Peter Anvin <hpa@zytor.com> | 2011-10-04 12:04:14 -0700 |
| commit | dd6c13949be753d238cd1809b67aeb57d3c0dd49 (patch) | |
| tree | bedc2069386e2a4705d0d97db7089961f60f3892 | |
| parent | 2e3711d86e3f300a13e44cbbf71e4d795c2d7392 (diff) | |
| download | kup-dd6c13949be753d238cd1809b67aeb57d3c0dd49.tar.gz | |
is_valid_filename: block characters that can cause trouble
Block characters which, while valid in filenames, sometimes cause
trouble; in particular block - at the beginning of a pathname
component, and block the following character set anywhere in the
filename:
! " $ & ' * : ; < > ? \ ` |
(: is unclear to me... presumably because of *doze users?)
Suggested-by: Jean Delvare <jdelvare@suse.de>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
| -rwxr-xr-x | korgupload | 10 | ||||
| -rwxr-xr-x | kup | 10 |
2 files changed, 16 insertions, 4 deletions
@@ -193,8 +193,14 @@ sub is_valid_filename($) return 0 if ($f !~ m:^/:); # Reject relative paths return 0 if ($f =~ m:/$:); # Reject paths ending in / return 0 if ($f =~ m://:); # Reject double slashes - return 0 if ($f =~ m:/\.:); # Reject any filename component starting with dot, - # including . and .. + + # Reject filename components starting with dot or dash, covers . and .. + return 0 if ($f =~ m:/[\.\-]:); + + # Reject undesirable filename characters anywhere in the name. + # This isn't inherently security-critical, and could be tuned if + # users need it... + return 0 if ($f =~ m:[\!\"\$\&\'\*\:\;\<\>\?\\\`\|]:); # Make sure we can create a filename after adding .bz2 or similar. # We can't use the obvious regexp here, because regexps operate on @@ -89,8 +89,14 @@ sub is_valid_filename($) return 0 if ($f !~ m:^/:); # Reject relative paths return 0 if ($f =~ m:/$:); # Reject paths ending in / return 0 if ($f =~ m://:); # Reject double slashes - return 0 if ($f =~ m:/\.:); # Reject any filename component starting with dot, - # including . and .. + + # Reject filename components starting with dot or dash, covers . and .. + return 0 if ($f =~ m:/[\.\-]:); + + # Reject undesirable filename characters anywhere in the name. + # This isn't inherently security-critical, and could be tuned if + # users need it... + return 0 if ($f =~ m:[\!\"\$\&\'\*\:\;\<\>\?\\\`\|]:); # Make sure we can create a filename after adding .bz2 or similar. # We can't use the obvious regexp here, because regexps operate on |