Francois Gouget : testbot/LogUtils: GetLogFileNames() should untaint the returned log names.

[Alexandre Julliard]

Module: tools
Branch: master
Commit: 8ac3bc8cf7f31318599909ce757aa6974e477157
URL:    https://source.winehq.org/git/tools.git/?a=commit;h=8ac3bc8cf7f31318599909ce757aa6974e477157

Author: Francois Gouget <fgouget at codeweavers.com>
Date:   Thu Dec  5 13:23:19 2019 +0100

testbot/LogUtils: GetLogFileNames() should untaint the returned log names.

Otherwise the caller may get an error when trying to use them for file
operations (such as unlink).

Signed-off-by: Francois Gouget <fgouget at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>

---

 testbot/lib/WineTestBot/LogUtils.pm | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/testbot/lib/WineTestBot/LogUtils.pm b/testbot/lib/WineTestBot/LogUtils.pm
index 32bf0fa..4a17857 100644
--- a/testbot/lib/WineTestBot/LogUtils.pm
+++ b/testbot/lib/WineTestBot/LogUtils.pm
@@ -634,13 +634,21 @@ sub GetLogFileNames($;$)
     foreach my $FileName (glob("'$Dir/$Glob*'"))
     {
       my $LogName = basename($FileName);
-      if ($LogName !~ s/\.err$// and $LogName !~ /\.report$/ and
-          $LogName ne $Glob) # 'log' case
+      $LogName =~ s/\.err$//;
+      next if ($Seen{$LogName});
+      if ($LogName =~ /^([a-zA-Z0-9_]+\.report)$/)
+      {
+        $LogName = $1; # untaint
+      }
+      elsif ($LogName eq $Glob) # log and old_log cases
+      {
+        $LogName = $Glob; # untaint
+      }
+      else
       {
         # Not a valid log filename (where does this file come from?)
         next;
       }
-      next if ($Seen{$LogName});
       $Seen{$LogName} = 1;
 
       if ((-f "$Dir/$LogName" and !-z "$Dir/$LogName") or