mirror of
https://codeberg.org/kiss-community/kiss
synced 2024-12-25 00:20:05 -07:00
kiss: sanitize user input when needed
This commit is contained in:
parent
f16d3ca3e4
commit
0f7b3adfd7
11
kiss
11
kiss
@ -845,6 +845,17 @@ args() {
|
||||
# arguments despite trapping the error ('|| :').
|
||||
shift "$(($# > 0 ? 1 : 0))"
|
||||
|
||||
# Unless this is a search, sanitize the user's input. The call to
|
||||
# 'pkg_find()' supports basic globbing, ensure input doesn't expand
|
||||
# to anything except for when this behavior is needed.
|
||||
[ "$action" != search ] && [ "$action" != s ] &&
|
||||
case $* in
|
||||
*[!a-zA-Z0-9_-]*)
|
||||
log kiss "$action $*"
|
||||
die "Arguments contain invalid characters"
|
||||
;;
|
||||
esac
|
||||
|
||||
# Parse some arguments earlier to remove the need to duplicate code.
|
||||
case $action in
|
||||
c|checksum|s|search)
|
||||
|
Loading…
Reference in New Issue
Block a user