tighten up pattern to check rsync arguments
thanks to Joe Schaefer at the ASF for catching it. Note that this new pattern *may* be too restrictive -- if you're using this feature and have a problem with the new pattern please email me. See email to gitolite mailing list around this date (2010-11-28) for more details.
This commit is contained in:
parent
db97c5a40a
commit
2bbcc8239c
|
@ -1083,7 +1083,7 @@ sub ext_cmd_rsync
|
||||||
my $perm = "W";
|
my $perm = "W";
|
||||||
$perm = "R" if $1;
|
$perm = "R" if $1;
|
||||||
my $path = $2;
|
my $path = $2;
|
||||||
die "I dont like some of the characters in $path\n" unless $path =~ $REPOPATT_PATT;
|
die "I dont like some of the characters in $path\n" unless $path =~ $REPONAME_PATT;
|
||||||
# XXX make a better pattern for this if people complain ;-)
|
# XXX make a better pattern for this if people complain ;-)
|
||||||
die "I dont like absolute paths in $cmd\n" if $path =~ /^\//;
|
die "I dont like absolute paths in $cmd\n" if $path =~ /^\//;
|
||||||
die "I dont like '..' paths in $cmd\n" if $path =~ /\.\./;
|
die "I dont like '..' paths in $cmd\n" if $path =~ /\.\./;
|
||||||
|
|
Loading…
Reference in a new issue