Module: tools Branch: master Commit: 8ac3bc8cf7f31318599909ce757aa6974e477157 URL: https://source.winehq.org/git/tools.git/?a=commit;h=8ac3bc8cf7f31318599909ce... Author: Francois Gouget <fgouget(a)codeweavers.com> Date: Thu Dec 5 13:23:19 2019 +0100 testbot/LogUtils: GetLogFileNames() should untaint the returned log names. Otherwise the caller may get an error when trying to use them for file operations (such as unlink). Signed-off-by: Francois Gouget <fgouget(a)codeweavers.com> Signed-off-by: Alexandre Julliard <julliard(a)winehq.org> --- testbot/lib/WineTestBot/LogUtils.pm | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/testbot/lib/WineTestBot/LogUtils.pm b/testbot/lib/WineTestBot/LogUtils.pm index 32bf0fa..4a17857 100644 --- a/testbot/lib/WineTestBot/LogUtils.pm +++ b/testbot/lib/WineTestBot/LogUtils.pm @@ -634,13 +634,21 @@ sub GetLogFileNames($;$) foreach my $FileName (glob("'$Dir/$Glob*'")) { my $LogName = basename($FileName); - if ($LogName !~ s/\.err$// and $LogName !~ /\.report$/ and - $LogName ne $Glob) # 'log' case + $LogName =~ s/\.err$//; + next if ($Seen{$LogName}); + if ($LogName =~ /^([a-zA-Z0-9_]+\.report)$/) + { + $LogName = $1; # untaint + } + elsif ($LogName eq $Glob) # log and old_log cases + { + $LogName = $Glob; # untaint + } + else { # Not a valid log filename (where does this file come from?) next; } - next if ($Seen{$LogName}); $Seen{$LogName} = 1; if ((-f "$Dir/$LogName" and !-z "$Dir/$LogName") or