[PATCH] testbot/SetWinLocale: Untaint the hostname if specified on the command line.
Francois Gouget
fgouget at codeweavers.com
Mon Sep 30 20:35:26 CDT 2019
Signed-off-by: Francois Gouget <fgouget at codeweavers.com>
---
testbot/bin/SetWinLocale | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/testbot/bin/SetWinLocale b/testbot/bin/SetWinLocale
index dc739d102..7ddbdedaa 100755
--- a/testbot/bin/SetWinLocale
+++ b/testbot/bin/SetWinLocale
@@ -385,6 +385,7 @@ while (@ARGV)
}
}
+# Check and untaint parameters
my ($BaseVMName, $VMLocale, %AddLocales, $KeyboardIds, $CountryId);
if (!defined $Usage)
{
@@ -449,7 +450,7 @@ if (!defined $Usage)
Error("'$OptVM' should not be a locale VM\n");
$Usage = 2;
}
- $VMLocale = "$1_$2";
+ $VMLocale = "$1_$2"; # untaint
$OptDefault = $VMLocale eq "sr_RS" ? "sr-Latn-CS" : "$1-$2";
}
elsif ($OptRefresh)
@@ -471,6 +472,15 @@ if (!defined $Usage)
Error("you must specify the Windows machine to work on\n");
$Usage = 2;
}
+ elsif ($OptHostName =~ /^([a-zA-Z0-9.-]+)$/)
+ {
+ $OptHostName = $1; # untaint
+ }
+ else
+ {
+ Error("'$OptHostName' is not a valid hostname\n");
+ $Usage = 2;
+ }
}
$OptLocale ||= $OptDefault;
--
2.20.1
More information about the wine-devel
mailing list