[SCM] Debian package checker branch, infra-513663, updated. 2.5.0-rc1-107-g3fecb08
The following commit has been merged in the infra-513663 branch:
commit 3fecb08a9219b5f0b1b2a748776db36be70c5179
Author: Niels Thykier <niels@thykier.net>
Date: Tue Mar 29 22:57:51 2011 +0200
Added "taint" to L::P, allowing to report "evil" files
diff --git a/lib/Lintian/Processable.pm b/lib/Lintian/Processable.pm
index 7d5703f..91addec 100644
--- a/lib/Lintian/Processable.pm
+++ b/lib/Lintian/Processable.pm
@@ -66,6 +66,7 @@ sub new {
bless $self, $class;
$self->{pkg_type} = $pkg_type;
$self->{pkg_path} = $pkg_path;
+ $self->{tainted} = 0;
$self->_init ($pkg_type, $pkg_path);
return $self;
}
@@ -108,9 +109,15 @@ Returns the version of the source package.
Returns the L<Lintain::ProcessableGroup|group> $proc is in,
if any. If the processable is not in a group, this returns C<undef>.
+=item $proc->tainted()
+
+Returns a truth value if one or more fields in this Processable is
+tainted. On a best effort basis tainted fields will be sanitized
+to less dangerous (but possibly invalid) values.
+
=cut
-Lintian::Processable->mk_accessors (qw(pkg_name pkg_version pkg_src pkg_arch pkg_path pkg_type pkg_src_version group));
+Lintian::Processable->mk_accessors (qw(pkg_name pkg_version pkg_src pkg_arch pkg_path pkg_type pkg_src_version group tainted));
=pod
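Review bot: `tainted` is added to the `mk_accessors` list, which generates a read/write accessor, so any caller can clear the flag with `$proc->tainted(0)` after `_init` has set it; if the base class is Class::Accessor, generating this one with `mk_ro_accessors (qw(tainted))` keeps it read-only from outside the class. The new POD could also be tightened: `Returns a true value if one or more fields in this Processable are tainted.` The POD entry documents sanitization, so it would help to state here that the slash is replaced with `_` and that tainted processables are expected to be rejected by the pool rather than processed.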
@@ -178,7 +185,13 @@ sub _init{
$self->{pkg_arch} = '' unless (defined $self->{pkg_arch});
# make sure none of the fields can cause traversal.
foreach my $field (qw(pkg_name pkg_version pkg_src pkg_src_version pkg_arch)) {
- $self->{$field} =~ s,/,_,o;
+ if ($self->{$field} =~ m,/,o){
+ # None of these fields are allowed to contain a slash,
+ # this package is most likely crafted to cause
+ # Path traversals.
+ $self->{tainted} = 1;
+ $self->{$field} =~ s,/,_,o;
+ }
}
return 1;
}
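Review bot: The sanitization on the `$self->{$field} =~ s,/,_,o;` line replaces only the first slash, so a value such as `a/b/c` becomes `a_b/c` and still contains a separator, although the POD promises a less dangerous value; use `$self->{$field} =~ s{/}{_}g;`. The check also lets through a field whose entire value is `.` or `..`, which is a traversal component on its own if any of these fields is ever used as a directory name, so the condition could be `if ($self->{$field} =~ m{/} or $self->{$field} =~ m{\A\.\.?\z}) {` with the value set to `'_'` in the dot-only case. The `/o` modifier has no effect on a constant pattern and can be dropped. `_init` begins outside the hunk.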
diff --git a/lib/Lintian/ProcessablePool.pm b/lib/Lintian/ProcessablePool.pm
index cb88ffa..baac2ee 100644
--- a/lib/Lintian/ProcessablePool.pm
+++ b/lib/Lintian/ProcessablePool.pm
@@ -92,6 +92,11 @@ sub add_file {
# Just insert these for now.
$tmap = $self->{$pkg_type};
$proc = Lintian::Processable->new($pkg_type, $pkg_path);
+ if ($proc->tainted()){
+ warn(sprintf("warning: bad name for %1\$s package '%2\$s', skipping\n",
+ $pkg_type, $proc->pkg_name()));
+ return 0;
+ }
$procid = _get_proc_id($proc);
return 0 if exists $tmap->{$procid};
$groupid = _get_group_id($proc);
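Review bot: The warning on the `warn(sprintf(...` line prints `$proc->pkg_name()`, but by this point `_init` has already rewritten the offending slash to `_`, so the message does not show the value that caused the skip; the file handed in identifies it better: `warn(sprintf("warning: bad name for %s package in '%s', skipping\n", $pkg_type, $pkg_path));`. The added `return 0` also makes a rejected tainted package indistinguishable from the duplicate case on the following line; if callers need to tell the two apart (they are not visible here), a distinct return value or a `croak` would be clearer. `add_file` starts and continues outside the hunk.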