From aa7ff8ac27614e6111f4a30e55c36fc2af3ac1ae Mon Sep 17 00:00:00 2001 From: Sitaram Chamarty Date: Sun, 14 Aug 2011 08:23:15 +0530 Subject: [PATCH] (mirroring) some more error checking --- src/gl-mirror-push | 2 +- src/gl-mirror-shell | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/gl-mirror-push b/src/gl-mirror-push index 4dd98e7..21dad47 100755 --- a/src/gl-mirror-push +++ b/src/gl-mirror-push @@ -27,7 +27,7 @@ hn=`get_rc_val GL_HOSTNAME` repo=$1; shift REPO_BASE=`get_rc_val REPO_BASE` -cd $REPO_BASE/$repo.git +cd $REPO_BASE/$repo.git 2>/dev/null || die fatal: could not change directory to "$repo" gmm=`git config --get gitolite.mirror.master` # is it local? (remember, empty/undef ==> local diff --git a/src/gl-mirror-shell b/src/gl-mirror-shell index 52741c1..5ca5c74 100755 --- a/src/gl-mirror-shell +++ b/src/gl-mirror-shell @@ -56,7 +56,7 @@ if ( ($ARGV[0] || '') eq 'request-push' and not $soc) { exit; } -unless (@ARGV) { print STDERR "fatal: missing argument\n"; exit 1; } +unless (@ARGV) { print STDERR "fatal: missing command\n"; exit 1; } # ---------- @@ -82,6 +82,7 @@ if ($soc eq 'info') { if ($soc =~ /^git-receive-pack '(\S+)'$/) { my $repo = $1; + die "fatal: invalid characters in $repo\n" unless $repo =~ $REPONAME_PATT; my $mm = mirror_mode($repo); # reminder: we're not going through the slave-side gl-auth-command. This @@ -93,7 +94,6 @@ if ($soc =~ /^git-receive-pack '(\S+)'$/) { $ENV{GL_BYPASS_UPDATE_HOOK} = 1; # replace the repo path with the full path and hand off to git-shell - # m-TODO: the admin repo will need more stuff :) $soc =~ s(')('$ENV{GL_REPO_BASE_ABS}/); exec("git", "shell", "-c", $soc); } @@ -108,6 +108,7 @@ if ($soc =~ /^git-receive-pack '(\S+)'$/) { if ($soc =~ /^request-push (\S+)$/) { my $repo = $1; + die "fatal: invalid characters in $repo\n" unless $repo =~ $REPONAME_PATT; die "$ABRT fatal: $GL_HOSTNAME ==//==> $sender refused: not in slave list\n" unless mirror_listslaves($repo) =~ /(^|\s)$sender(\s|$)/; print STDERR "$GL_HOSTNAME ==== ($repo) ===> $sender\n"; # just one sender, and we've checked that he is "on the list". Foreground... @@ -129,6 +130,8 @@ if ($soc =~ /^USER=(\S+) SOC=(git-receive-pack '(\S+)')$/) { my $user = $1; $ENV{SSH_ORIGINAL_COMMAND} = $2; my $repo = $3; + die "fatal: invalid characters in $user\n" unless $user =~ $USERNAME_PATT; + die "fatal: invalid characters in $repo\n" unless $repo =~ $REPONAME_PATT; die "$ABRT fatal: $GL_HOSTNAME <==//== $sender redirected push rejected\n" unless mirror_redirectOK($repo, $sender); print STDERR "$GL_HOSTNAME <=== $user ($repo) ==== $sender\n";