
[SCM] Debian package checker branch, master, updated. 2.5.0-rc2-122-g12888e8



The following commit has been merged in the master branch:
commit 3fecb08a9219b5f0b1b2a748776db36be70c5179
Author: Niels Thykier <niels@thykier.net>
Date:   Tue Mar 29 22:57:51 2011 +0200

    Added "taint" to L::P, allowing to report "evil" files

diff --git a/lib/Lintian/Processable.pm b/lib/Lintian/Processable.pm
index 7d5703f..91addec 100644
--- a/lib/Lintian/Processable.pm
+++ b/lib/Lintian/Processable.pm
@@ -66,6 +66,7 @@ sub new {
     bless $self, $class;
     $self->{pkg_type} = $pkg_type;
     $self->{pkg_path} = $pkg_path;
+    $self->{tainted} = 0;
     $self->_init ($pkg_type, $pkg_path);
     return $self;
 }
@@ -108,9 +109,15 @@ Returns the version of the source package.
 Returns the L<Lintain::ProcessableGroup|group> $proc is in,
 if any.  If the processable is not in a group, this returns C<undef>.
 
+=item $proc->tainted()
+
+Returns a truth value if one or more fields in this Processable is
+tainted.  On a best effort basis tainted fields will be sanitized
+to less dangerous (but possibly invalid) values.
+
 =cut
 
-Lintian::Processable->mk_accessors (qw(pkg_name pkg_version pkg_src pkg_arch pkg_path pkg_type pkg_src_version group));
+Lintian::Processable->mk_accessors (qw(pkg_name pkg_version pkg_src pkg_arch pkg_path pkg_type pkg_src_version group tainted));
 
 =pod
 
@@ -178,7 +185,13 @@ sub _init{
     $self->{pkg_arch}        = '' unless (defined $self->{pkg_arch});
     # make sure none of the fields can cause traversal.
     foreach my $field (qw(pkg_name pkg_version pkg_src pkg_src_version pkg_arch)) {
-        $self->{$field} =~ s,/,_,o;
+        if ($self->{$field} =~ m,/,o){
+            # None of these fields are allowed to contain a slash,
+            # this package is most likely crafted to cause
+            # Path traversals.
+            $self->{tainted} = 1;
+            $self->{$field} =~ s,/,_,o;
+        }
     }
     return 1;
 }
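Review bot: The sanitization at the `s,/,_,o` line only rewrites the first slash because the substitution lacks `/g`, so a field holding `a/b/c` leaves `a_b/c` behind even though the comment says none of these fields may contain a slash; the `/o` flag is also a no-op here since nothing is interpolated. A value consisting solely of `.` or `..` contains no slash yet still resolves to the current or parent directory when the field is used as a path component, so it should set the taint flag too. Suggested lines: `if ($self->{$field} =~ m{/} or $self->{$field} =~ m{\A\.\.?\z}) {` for the condition and `$self->{$field} =~ s{[/.]}{_}g;` for the rewrite, so that every slash (and a lone dot component) is neutralised. `_init`'s body begins before this hunk, so the origin and default handling of the other fields is not visible here.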
diff --git a/lib/Lintian/ProcessablePool.pm b/lib/Lintian/ProcessablePool.pm
index cb88ffa..baac2ee 100644
--- a/lib/Lintian/ProcessablePool.pm
+++ b/lib/Lintian/ProcessablePool.pm
@@ -92,6 +92,11 @@ sub add_file {
     # Just insert these for now.
     $tmap = $self->{$pkg_type};
     $proc = Lintian::Processable->new($pkg_type, $pkg_path);
+    if ($proc->tainted()){
+        warn(sprintf("warning: bad name for %1\$s package '%2\$s', skipping\n",
+             $pkg_type, $proc->pkg_name()));
+        return 0;
+    }
     $procid = _get_proc_id($proc);
     return 0 if exists $tmap->{$procid};
     $groupid = _get_group_id($proc);
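Review bot: The warning printed when `$proc->tainted()` is true shows `$proc->pkg_name()`, which at this point is already the sanitised value (slashes replaced by `_`), so the operator sees a plausible-looking name and cannot tell which file was rejected or why; `$pkg_path` identifies the offending input unambiguously. Suggested line: `warn(sprintf("warning: bad name for %1\$s package in '%2\$s' (sanitized name '%3\$s'), skipping\n", $pkg_type, $pkg_path, $proc->pkg_name()));`. Note also that `return 0` is the same result the duplicate-package path returns a few lines later, so callers of `add_file` cannot distinguish "rejected as tainted" from "already present"; if that matters, a distinct return value or a recorded count would help. `add_file` starts and ends outside this hunk.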

-- 
Debian package checker

