Francois Gouget : testbot/SetWinLocale: Untaint the hostname if specified on the command line.

[Alexandre Julliard]

Module: tools
Branch: master
Commit: 5b9933e4ac114b63e4a6acafd6365bba0c90ee62
URL:    https://source.winehq.org/git/tools.git/?a=commit;h=5b9933e4ac114b63e4a6acafd6365bba0c90ee62

Author: Francois Gouget <fgouget at codeweavers.com>
Date:   Tue Oct  1 03:35:26 2019 +0200

testbot/SetWinLocale: Untaint the hostname if specified on the command line.

Signed-off-by: Francois Gouget <fgouget at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>

---

 testbot/bin/SetWinLocale | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/testbot/bin/SetWinLocale b/testbot/bin/SetWinLocale
index dc739d1..7ddbded 100755
--- a/testbot/bin/SetWinLocale
+++ b/testbot/bin/SetWinLocale
@@ -385,6 +385,7 @@ while (@ARGV)
   }
 }
 
+# Check and untaint parameters
 my ($BaseVMName, $VMLocale, %AddLocales, $KeyboardIds, $CountryId);
 if (!defined $Usage)
 {
@@ -449,7 +450,7 @@ if (!defined $Usage)
         Error("'$OptVM' should not be a locale VM\n");
         $Usage = 2;
       }
-      $VMLocale = "$1_$2";
+      $VMLocale = "$1_$2"; # untaint
       $OptDefault = $VMLocale eq "sr_RS" ? "sr-Latn-CS" : "$1-$2";
     }
     elsif ($OptRefresh)
@@ -471,6 +472,15 @@ if (!defined $Usage)
       Error("you must specify the Windows machine to work on\n");
       $Usage = 2;
     }
+    elsif ($OptHostName =~ /^([a-zA-Z0-9.-]+)$/)
+    {
+      $OptHostName = $1; # untaint
+    }
+    else
+    {
+      Error("'$OptHostName' is not a valid hostname\n");
+      $Usage = 2;
+    }
   }
 
   $OptLocale ||= $OptDefault;