diff options
author | dteske <dteske@FreeBSD.org> | 2012-09-28 01:39:25 +0000 |
---|---|---|
committer | dteske <dteske@FreeBSD.org> | 2012-09-28 01:39:25 +0000 |
commit | 8f5dd3a88f3c17b19e137a6be2cd49ca0ad570c6 (patch) | |
tree | 1525cc01cfa25ce8351f84e4dfb92f4ad8a47341 | |
parent | a782f0b8bd315c02033a4fb363e550bd467101c7 (diff) | |
download | FreeBSD-src-8f5dd3a88f3c17b19e137a6be2cd49ca0ad570c6.zip FreeBSD-src-8f5dd3a88f3c17b19e137a6be2cd49ca0ad570c6.tar.gz |
Sanitize varname argument in f_sysrc_find. This is as much for security as it
is for sanity.
Reviewed by: jilles
Approved by: adrian (co-mentor)
-rw-r--r-- | usr.sbin/bsdconfig/share/sysrc.subr | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/usr.sbin/bsdconfig/share/sysrc.subr b/usr.sbin/bsdconfig/share/sysrc.subr index dc231d4..f8824a8 100644 --- a/usr.sbin/bsdconfig/share/sysrc.subr +++ b/usr.sbin/bsdconfig/share/sysrc.subr @@ -49,6 +49,17 @@ f_include_lang $BSDCFG_LIBE/include/messages.subr SUCCESS=0 FAILURE=1 +# +# Valid characters that can appear in an sh(1) variable name +# +# Please note that the character ranges A-Z and a-z should be avoided because +# these can include accent characters (which are not valid in a variable name). +# For example, A-Z matches any character that sorts after A but before Z, +# including A and Z. Although ASCII order would make more sense, that is not +# how it works. +# +VALID_VARNAME_CHARS="0-9ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_" + ############################################################ FUNCTIONS # f_clean_env [ --except $varname ... ] @@ -243,14 +254,16 @@ f_sysrc_get_default() # f_sysrc_find() { - local varname="$1" + local varname="${1%%[!$VALID_VARNAME_CHARS]*}" local regex="^[[:space:]]*$varname=" local rc_conf_files="$( f_sysrc_get rc_conf_files )" local conf_files= local file # Check parameters - [ "$varname" ] || return $FAILURE + case "$varname" in + ""|[0-9]*) return $FAILURE + esac # # If RC_CONFS is defined, set $rc_conf_files to an explicit |