From b292ee0f5c56988ef9631bb96eb8c6141dcc521f Mon Sep 17 00:00:00 2001
From: espie
Date: Tue, 7 Jan 2014 18:35:23 +0000
Subject: [PATCH] severely restrict what characters can be in a signer, to make certain it's not possible to go ../ from /etc/signify
---
 usr.sbin/pkg_add/OpenBSD/PackingElement.pm | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/usr.sbin/pkg_add/OpenBSD/PackingElement.pm b/usr.sbin/pkg_add/OpenBSD/PackingElement.pm
index 3d89f26bdd8..743f325e865 100644
--- a/usr.sbin/pkg_add/OpenBSD/PackingElement.pm
+++ b/usr.sbin/pkg_add/OpenBSD/PackingElement.pm
@@ -1,5 +1,5 @@
 # ex:ts=8 sw=4:
-# $OpenBSD: PackingElement.pm,v 1.224 2014/01/07 13:52:43 espie Exp $
+# $OpenBSD: PackingElement.pm,v 1.225 2014/01/07 18:35:23 espie Exp $
 #
 # Copyright (c) 2003-2010 Marc Espie
 #
@@ -1791,6 +1791,15 @@ sub keyword() { 'signer' }
 __PACKAGE__->register_with_factory;
 sub category() { "signer" }
 
+sub new
+{
+ my ($class, $args) = @_;
+ unless ($args =~ m/^[\w\d\.\-\+\@]+$/) {
+ die "Invalid characters in signer $args\n";
+ }
+ $class->SUPER::new($args);
+}
+
 # XXX digital-signatures have to be unique, since they are a part
 # of the unsigned packing-list, with only the b64sig part removed
 # (likewise for signer)
-- 
2.20.1
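Review bot: The pattern in the added `new` is anchored with `^` and `$`, and in Perl `$` also matches just before a trailing newline, so a signer ending in `\n` still passes; `\w` can also match non-ASCII word characters on decoded strings, and it already covers `\d`. Because the commit message says this value is used under /etc/signify, a strict ASCII allow-list with hard anchors is safer: `unless ($args =~ m/\A[A-Za-z0-9_.+\-\@]+\z/) {`. The class still admits names that consist only of dots or begin with `.`; whether that matters depends on how the path is built, which is outside this hunk. The `die` message echoes the rejected value verbatim, so consider escaping or omitting `$args` there to keep control characters out of the terminal and logs.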