tighten up argument handling in ADCs even more

More and more people are using ADCs, which I originally wrote just for adventure-loving people ;-)
sitaramc · Oct 6, 2010 · 8a980a6 · 8a980a6
1 parent b4a3b81
commit 8a980a6
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 3 deletions.
diff --git a/src/gitolite.pm b/src/gitolite.pm
@@ -36,6 +36,8 @@ our $REPONAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._\@/+-]*$); # very simple patter
 our $USERNAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._\@+-]*$);  # very simple pattern
 # same as REPONAME, but used for wildcard repos, allows some common regex metas
 our $REPOPATT_PATT=qr(^\@?[0-9a-zA-Z[][\\^.$|()[\]*+?{}0-9a-zA-Z._\@/-]*$);
+# ADC commands and arguments must match this pattern
+our $ADC_CMD_ARGS_PATT=qr(^[0-9a-zA-Z._\@/+-]*$);
 
 # these come from the RC file
 our ($REPO_UMASK, $GL_WILDREPOS, $GL_PACKAGE_CONF, $GL_PACKAGE_HOOKS, $REPO_BASE, $GL_CONF_COMPILED, $GL_BIG_CONFIG, $GL_PERFLOGT, $PROJECTS_LIST, $GL_ALL_INCLUDES_SPECIAL, $GL_SITE_INFO);
@@ -509,7 +511,7 @@ sub parse_acl
     our $saved_crwu;
     our (%saved_repos, %saved_groups);
 
-    if ($saved_crwu eq "$creator,$readers,$writers,$gl_user") {
+    if ($saved_crwu and $saved_crwu eq "$creator,$readers,$writers,$gl_user") {
         %repos = %saved_repos; %groups = %saved_groups;
     } else {
         die "parse $GL_CONF_COMPILED failed: " . ($! or $@) unless do $GL_CONF_COMPILED;

diff --git a/src/gl-auth-command b/src/gl-auth-command
@@ -34,7 +34,7 @@ use warnings;
 # these are set by the "rc" file
 our ($GL_LOGT, $GL_CONF_COMPILED, $REPO_BASE, $GIT_PATH, $REPO_UMASK, $GL_ADMINDIR, $RSYNC_BASE, $HTPASSWD_FILE, $GL_WILDREPOS, $GL_WILDREPOS_DEFPERMS, $GL_ADC_PATH, $SVNSERVE, $PROJECTS_LIST, $GL_SLAVE_MODE, $GL_PERFLOGT);
 # and these are set by gitolite.pm
-our ($R_COMMANDS, $W_COMMANDS, $REPONAME_PATT, $REPOPATT_PATT);
+our ($R_COMMANDS, $W_COMMANDS, $REPONAME_PATT, $REPOPATT_PATT, $ADC_CMD_ARGS_PATT);
 our %repos;
 our %groups;
 our %repo_config;
@@ -157,7 +157,7 @@ if ($GL_ADC_PATH and -d $GL_ADC_PATH) {
     my ($cmd, @args) = split ' ', $ENV{SSH_ORIGINAL_COMMAND};
     if (-x "$GL_ADC_PATH/$cmd") {
         # yes this is rather strict, sorry.
-        do { die "I don't like $_\n" unless $_ =~ $REPOPATT_PATT } for ($cmd, @args);
+        do { die "I don't like $_\n" unless $_ =~ $ADC_CMD_ARGS_PATT } for ($cmd, @args);
         &log_it("$GL_ADC_PATH/$ENV{SSH_ORIGINAL_COMMAND}");
         exec("$GL_ADC_PATH/$cmd", @args);
     }