git://git.onelab.eu
/
vsys-scripts.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
a90428a
)
Security fix
author
Sapan Bhatia
<sapanb@cs.princeton.edu>
Mon, 18 May 2009 19:33:19 +0000
(19:33 +0000)
committer
Sapan Bhatia
<sapanb@cs.princeton.edu>
Mon, 18 May 2009 19:33:19 +0000
(19:33 +0000)
exec/umount
patch
|
blob
|
history
diff --git
a/exec/umount
b/exec/umount
index
3d7fb48
..
7bde900
100755
(executable)
--- a/
exec/umount
+++ b/
exec/umount
@@
-7,12
+7,18
@@
my $slice_dir="/vservers/$slicename/";
my $localpath = <STDIN>;
chomp($localpath);
-$localpath=~s/\.\.//g;
$localpath=$slice_dir.$localpath;
-unless($localpath=~/\/?[\w\d]+\/[\w\d]*\/?/) {
- die("$localpath is not a path");
+my $pathtest;
+
+$pathtest='';
+while ($localpath=~/(\/?[\w\d\-_]+\/?)/g) {
+ $pathtest=$pathtest.$1;
+}
+
+if ($pathtest ne $localpath) {
+ die "$localpath is not a safe path";
}
my $mntcmd="/bin/umount $localpath";