Mercurial > dropbear
annotate libtomcrypt/filter.pl @ 1885:5d8dbb6fdab7
Fix SSH_PUBKEYINFO, limit characters, add tests
We fix a bad_bufptr() failure from a previous commit. We now limit
the allowed characters to those that will definitely be safe
in a shell. Some scripts/programs may use arbitrary environment
variables without escaping correctly - that could be a problem
in a restricted environment.
The current allowed set is a-z A-Z 0-9 .,_-+@
This also adds a test for SSH_PUBKEYINFO, by default it only runs
under github actions (or "act -j build").
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 16 Mar 2022 17:17:23 +0800 |
parents | 0cbe8f6dbf9e |
children |
rev | line source |
---|---|
382
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 # we want to filter every between START_INS and END_INS out and then insert crap from another file (this is fun) |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 $dst = shift; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 $ins = shift; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 open(SRC,"<$dst"); |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 open(INS,"<$ins"); |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 open(TMP,">tmp.delme"); |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 $l = 0; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 while (<SRC>) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 if ($_ =~ /START_INS/) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 print TMP $_; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 $l = 1; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 while (<INS>) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 print TMP $_; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 } |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 close INS; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 } elsif ($_ =~ /END_INS/) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 print TMP $_; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 $l = 0; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 } elsif ($l == 0) { |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 print TMP $_; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 } |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 } |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 close TMP; |
0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
30 close SRC; |