Shielded processing of user arguments against leading dashes

This commit is contained in:
Thomas Schmitt 2019-12-21 11:07:39 +01:00
parent 42df8f913c
commit b97841b782

View File

@ -162,22 +162,30 @@ xdt_round_down_div_million() {
## Check for harmless name or number in program argument ## Check for harmless name or number in program argument
xdt_check_parameter() { xdt_check_parameter() {
if test "$2" = "device_name" if test "X$2" = "Xdevice_name"
then then
if echo "$1" | grep '[^A-Za-z0-9_/-]' >/dev/null if echo "X$1" | grep '[^A-Za-z0-9_/-]' >/dev/null
then then
echo "SORRY: Given device name contains unexpected character. Ok: [A-za-z0-9_/-]" >&2 echo "SORRY: Given device name contains unexpected character. Ok: [A-za-z0-9_/-]" >&2
return 12 return 12
fi elif echo "X$1" | grep '^X-' >/dev/null
elif test "$2" = "image_file"
then then
if echo "$1" | grep '[$`[*?<>|&!{\]' >/dev/null echo "SORRY: Given device name begins by '-' character." >&2
return 15
fi
elif test "X$2" = "Ximage_file"
then
if echo "X$1" | grep '[$`[*?<>|&!{\]' >/dev/null
then then
echo "SORRY: Given image file name contains unexpected character. Not ok: "'[$`[*?<>|&!{\]' >&2 echo "SORRY: Given image file name contains unexpected character. Not ok: "'[$`[*?<>|&!{\]' >&2
return 15 return 15
elif echo "X$1" | grep '^X[-(]' >/dev/null
then
echo "SORRY: Given image file name begins by problematic character. Not ok: "'[-(]' >&2
return 15
fi fi
else else
if echo "$1" | grep -v '^[0-9][0-9]*[0-9MGTmgt]$' >/dev/null if echo "X$1" | grep -v '^X[0-9][0-9]*[0-9MGTmgt]$' >/dev/null
then then
echo "SORRY: Number for $2 too short or bad character. Ok: [0-9][0-9MGTmgt]" >&2 echo "SORRY: Number for $2 too short or bad character. Ok: [0-9][0-9MGTmgt]" >&2
return 14 return 14
@ -265,51 +273,51 @@ xdt_arg_interpreter() {
xdt_min_size="$(expr $xdt_min_size + 1)" xdt_min_size="$(expr $xdt_min_size + 1)"
fi fi
xdt_next_is= xdt_next_is=
elif test "$xdt_i" = "-list_all" elif test "X$xdt_i" = "X-list_all"
then then
xdt_list_all=y xdt_list_all=y
xdt_with_vendor_model=y xdt_with_vendor_model=y
xdt_show_reasons=y xdt_show_reasons=y
elif test "$xdt_i" = "-list_long" elif test "X$xdt_i" = "X-list_long"
then then
xdt_do_list_long=y xdt_do_list_long=y
elif test "$xdt_i" = "-plug_test" elif test "X$xdt_i" = "X-plug_test"
then then
xdt_do_plug_test=y xdt_do_plug_test=y
elif test "$xdt_i" = "-max_size" elif test "X$xdt_i" = "X-max_size"
then then
xdt_next_is="max_size" xdt_next_is="max_size"
elif test "$xdt_i" = "-min_size" elif test "X$xdt_i" = "X-min_size"
then then
xdt_next_is="min_size" xdt_next_is="min_size"
elif test "$xdt_i" = "-with_vendor_model" elif test "X$xdt_i" = "X-with_vendor_model"
then then
xdt_with_vendor_model=y xdt_with_vendor_model=y
elif test "$xdt_i" = "-look_for_iso" elif test "X$xdt_i" = "X-look_for_iso"
then then
xdt_look_for_iso=y xdt_look_for_iso=y
elif test "$xdt_i" = "-with_sudo" elif test "X$xdt_i" = "X-with_sudo"
then then
xdt_with_sudo=y xdt_with_sudo=y
elif test "$xdt_i" = "-image_file" elif test "X$xdt_i" = "X-image_file"
then then
xdt_next_is="image_file" xdt_next_is="image_file"
elif test "$xdt_i" = "-dummy" elif test "X$xdt_i" = "X-dummy"
then then
xdt_dummy_run=y xdt_dummy_run=y
elif test "$xdt_i" = "-dummy_force" elif test "X$xdt_i" = "X-dummy_force"
then then
xdt_dummy_run=y xdt_dummy_run=y
xdt_do_write=y xdt_do_write=y
xdt_dummy_force=y xdt_dummy_force=y
elif test "$xdt_i" = "-DO_WRITE" elif test "X$xdt_i" = "X-DO_WRITE"
then then
xdt_do_write=y xdt_do_write=y
elif test "$xdt_i" = "-help" elif test "X$xdt_i" = "X-help"
then then
xdt_print_usage xdt_print_usage
return 0 return 0
elif echo "$xdt_i" | grep -v '^-' >/dev/null elif echo "X$xdt_i" | grep -v '^X-' >/dev/null
then then
xdt_check_parameter "$xdt_i" device_name || return "$?" xdt_check_parameter "$xdt_i" device_name || return "$?"
xdt_devs_named=y xdt_devs_named=y