X Strike Force XFree86 SVN commit: rev 716 - trunk/debian
Author: branden
Date: 2003-10-26 19:54:21 -0500 (Sun, 26 Oct 2003)
New Revision: 716
Modified:
trunk/debian/shell-lib.sh
Log:
Fix two bugs in implementation of reject_unlikely_path_chars():
+ sense of test was backwards
+ spurious $ at end of expression; instead, use .* wildcards at beginning
*and* end, since the goal is to look for any illegal character anywhere
in the variable
Also:
+ expr doesn't do the right thing if you nest '[]' inside a character
class, so treat those characters as legal; they're not syntactically
significant to the shell, so they're pretty much harmless anyway
- debian/shell-lib.sh
Modified: trunk/debian/shell-lib.sh
===================================================================
--- trunk/debian/shell-lib.sh 2003-10-27 00:07:36 UTC (rev 715)
+++ trunk/debian/shell-lib.sh 2003-10-27 00:54:21 UTC (rev 716)
@@ -83,7 +83,7 @@
# interpret and barf if any are found
while [ -n "$1" ]; do
# does the operand contain any funny characters?
- if ! expr "$1" : '[!$&()*;<>?[]|]$' > /dev/null 2>&1; then
+ if expr "$1" : '.*[!$&()*;<>?|].*' > /dev/null 2>&1; then
# can't use die(), because I want to avoid forward references
echo "$THIS_PACKAGE $THIS_SCRIPT error: reject_unlikely_path_chars()" \
"encountered possibly malicious garbage \"$1\"" >&2
Reply to: