kiss-community
/
kiss
mirror of https://codeberg.org/kiss-community/kiss
1
0
Fork 1
Code Issues Wiki

kiss: Stricter argument validation

This commit is contained in:
Dylan Araps 2021-07-03 15:46:09 +00:00
parent 28f991039b
commit d5e79e49b6
No known key found for this signature in database
GPG Key ID: 13295DAC2CF13B5C
1 changed files with 21 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
kiss
View File

@ -422,6 +422,7 @@ pkg_order() {
for pkg do case $pkg in for pkg do case $pkg in
/*.tar.*) deps="$deps $pkg" ;; /*.tar.*) deps="$deps $pkg" ;;
*.tar.*) deps="$deps $ppwd/$pkg" ;; *.tar.*) deps="$deps $ppwd/$pkg" ;;
*/*) die "Invalid argument: '/!*[]' ($pkg)" ;;
*) pkg_depends "$pkg" raw *) pkg_depends "$pkg" raw
esac done esac done
@ -1467,14 +1468,26 @@ args() {
action=$1 action=$1
shift "$(($# != 0))" shift "$(($# != 0))"
# Unless this is a search, sanitize the user's input. The call to # Ensure that arguments do not contain invalid characters. Wildcards can
# 'pkg_find()' supports basic globbing, ensure input doesn't expand # not be used here as they would conflict with kiss extensions.
# to anything except for when this behavior is needed. case $action in
# a|alternatives)
# This handles the globbing characters '*', '!', '[' and ']' as per: case $1 in */*|*\**|*\!*|*\[*|*\]*)
# https://pubs.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html die "Invalid argument: '/!*[]' ($1)"
[ "${action##[aos]*}" ] && case "$*" in *\**|*\!*|*\[*|*\]*) esac
die "Arguments contain invalid characters: '!*[]' ($*)" ;;
b|build|c|checksum|d|download|l|list|r|remove)
case $* in */*|*\**|*\!*|*\[*|*\]*)
die "Arguments contain invalid characters: '/!*[]' ($*)"
esac
;;
i|install)
case $* in *\**|*\!*|*\[*|*\]*)
die "Arguments contain invalid characters: '!*[]' ($*)"
esac
;;
esac esac
# CRUX style usage using the current directory as the name of the package # CRUX style usage using the current directory as the name of the package