1
0
mirror of https://codeberg.org/kiss-community/kiss synced 2024-12-25 00:20:05 -07:00

kiss: sanitize user input when needed

This commit is contained in:
Dylan Araps 2019-10-01 22:34:34 +03:00
parent f16d3ca3e4
commit 0f7b3adfd7

11
kiss
View File

@ -845,6 +845,17 @@ args() {
# arguments despite trapping the error ('|| :').
shift "$(($# > 0 ? 1 : 0))"
# Unless this is a search, sanitize the user's input. The call to
# 'pkg_find()' supports basic globbing, ensure input doesn't expand
# to anything except for when this behavior is needed.
[ "$action" != search ] && [ "$action" != s ] &&
case $* in
*[!a-zA-Z0-9_-]*)
log kiss "$action $*"
die "Arguments contain invalid characters"
;;
esac
# Parse some arguments earlier to remove the need to duplicate code.
case $action in
c|checksum|s|search)