field | value | date |
---|---|---|
author | Joey Hess <joey@kitenet.net> | 2010-04-21 15:05:59 -0400 |
committer | Joey Hess <joey@kitenet.net> | 2010-04-21 15:05:59 -0400 |
commit | 034b4e826627dddf47ff27278897804e39741e57 | |
tree | a7617cd4b144f3aaf50123b66a35d9913fcdcd3f /doc/patch | |
parent | 9c8761ba49b06a76a923eb91735f842f419d2916 | |
remove verify_src_file
Splitting out this function bothered me. It is conceptually similar to
file_pruned, and yet also very specific to exactly the security needs of
find_src_files.
I liked that it got rid of duplicate code in the latter function. So
instead, put a helper sub in that, which I think allows refactoring
things more cleanly, and with less boilerplate.
As to the needs of gen_autofile, I'm not convinced this needs to handle
the same set of problems that verify_src_file did. So I sat down and
wrote a custom validator for autofiles, which turned out to seem to just
need three things: Make sure the candidate filename is not something
that would be pruned; untaint the candidate filename; and make sure that
srcdir doesn't already have something with its name. (Plus, of course,
all the other checks that were already in gen_autofile.)
(In passing, also fixed a bunch of bugs I had introduced in this branch.)
Diffstat (limited to 'doc/patch')
0 files changed, 0 insertions, 0 deletions