Module: tools Branch: master Commit: 5b9933e4ac114b63e4a6acafd6365bba0c90ee62 URL: https://source.winehq.org/git/tools.git/?a=commit;h=5b9933e4ac114b63e4a6acaf... Author: Francois Gouget <fgouget(a)codeweavers.com> Date: Tue Oct 1 03:35:26 2019 +0200 testbot/SetWinLocale: Untaint the hostname if specified on the command line. Signed-off-by: Francois Gouget <fgouget(a)codeweavers.com> Signed-off-by: Alexandre Julliard <julliard(a)winehq.org> --- testbot/bin/SetWinLocale | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/testbot/bin/SetWinLocale b/testbot/bin/SetWinLocale index dc739d1..7ddbded 100755 --- a/testbot/bin/SetWinLocale +++ b/testbot/bin/SetWinLocale @@ -385,6 +385,7 @@ while (@ARGV) } } +# Check and untaint parameters my ($BaseVMName, $VMLocale, %AddLocales, $KeyboardIds, $CountryId); if (!defined $Usage) { @@ -449,7 +450,7 @@ if (!defined $Usage) Error("'$OptVM' should not be a locale VM\n"); $Usage = 2; } - $VMLocale = "$1_$2"; + $VMLocale = "$1_$2"; # untaint $OptDefault = $VMLocale eq "sr_RS" ? "sr-Latn-CS" : "$1-$2"; } elsif ($OptRefresh) @@ -471,6 +472,15 @@ if (!defined $Usage) Error("you must specify the Windows machine to work on\n"); $Usage = 2; } + elsif ($OptHostName =~ /^([a-zA-Z0-9.-]+)$/) + { + $OptHostName = $1; # untaint + } + else + { + Error("'$OptHostName' is not a valid hostname\n"); + $Usage = 2; + } } $OptLocale ||= $OptDefault;