Diffstat (limited to 'dev-util/oprofile/files/oprofile-0.9.6-Do-additional-checks-on-user-supplied-arguments.patch')
-rw-r--r-- | dev-util/oprofile/files/oprofile-0.9.6-Do-additional-checks-on-user-supplied-arguments.patch | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/dev-util/oprofile/files/oprofile-0.9.6-Do-additional-checks-on-user-supplied-arguments.patch b/dev-util/oprofile/files/oprofile-0.9.6-Do-additional-checks-on-user-supplied-arguments.patch
new file mode 100644
index 000000000000..25ed342f5126
--- /dev/null
+++ b/dev-util/oprofile/files/oprofile-0.9.6-Do-additional-checks-on-user-supplied-arguments.patch
@@ -0,0 +1,182 @@
+commit 9578aed0a51f5c77fd20fd40cead126c7cdd5030
+Author: William Cohen <wcohen@redhat.com>
+Date: Thu Jun 2 10:24:26 2011 -0400
+
+ Do additional checks on user supplied arguments
+
+ Avoid blindly setting variable to user-supplied values. Check to the values
+ to make sure they do not contain odd punctuation.
+
+ Signed-off-by: William Cohen <wcohen@redhat.com>
+
+diff --git a/utils/opcontrol b/utils/opcontrol
+index 8f584ad..92baa0d 100644
+--- a/utils/opcontrol
++++ b/utils/opcontrol
+@@ -78,7 +78,8 @@ guess_number_base()
+ # check value is a valid number
+ error_if_not_number()
+ {
+- guess_number_base $2
++ error_if_empty "$1" "$2"
++ guess_number_base "$2"
+ if test "$?" -eq 0 ; then
+ echo "Argument for $1, $2, is not a valid number." >&2
+ exit 1
+@@ -86,13 +87,33 @@ error_if_not_number()
+ }
+
+ # check value is a base filename
+-error_if_not_basename()
++error_if_not_valid_savename()
+ {
++ error_if_empty "$1" "$2"
+ bname=`basename "$2"`
+ if test "$2" != "$bname"; then
+- echo "Argument for $1, $2, is not a base filename." >&2
++ echo "Argument for $1, $2, cannot change directory." >&2
+ exit 1
+ fi
++ case "$2" in
++ # The following catches anything that is not
++ # 0-9, a-z, A-Z, an '-', ':', ',', '.', or '/'
++ *[!-[:alnum:]_:,./]*)
++ echo "Argument for $1, $2, not allow to have special characters" >&2
++ exit 1;;
++ esac
++}
++
++error_if_invalid_arg()
++{
++ error_if_empty "$1" "$2"
++ case "$2" in
++ # The following catches anything that is not
++ # 0-9, a-z, A-Z, an '-', ':', ',', '.', or '/'
++ *[!-[:alnum:]_:,./]*)
++ echo "Argument for $1, $2, is not valid argument." >&2
++ exit 1;;
++ esac
+ }
+
+ # rm_device arguments $1=file_name
+@@ -814,8 +835,7 @@ do_options()
+ ;;
+
+ --save)
+- error_if_empty $arg $val
+- error_if_not_basename $arg $val
++ error_if_not_valid_savename "$arg" "$val"
+ DUMP=yes
+ SAVE_SESSION=yes
+ SAVE_NAME=$val
+@@ -840,8 +860,7 @@ do_options()
+ # already processed
+ ;;
+ --buffer-size)
+- error_if_empty $arg $val
+- error_if_not_number $arg $val
++ error_if_not_number "$arg" "$val"
+ BUF_SIZE=$val
+ DO_SETUP=yes
+ ;;
+@@ -850,8 +869,7 @@ do_options()
+ echo "$arg unsupported for this kernel version"
+ exit 1
+ fi
+- error_if_empty $arg $val
+- error_if_not_number $arg $val
++ error_if_not_number "$arg" "$val"
+ BUF_WATERSHED=$val
+ DO_SETUP=yes
+ ;;
+@@ -860,13 +878,12 @@ do_options()
+ echo "$arg unsupported for this kernel version"
+ exit 1
+ fi
+- error_if_empty $arg $val
+- error_if_not_number $arg $val
++ error_if_not_number "$arg" "$val"
+ CPU_BUF_SIZE=$val
+ DO_SETUP=yes
+ ;;
+ -e|--event)
+- error_if_empty $arg $val
++ error_if_invalid_arg "$arg" "$val"
+ # reset any read-in defaults from daemonrc
+ if test "$SEEN_EVENT" = "0"; then
+ NR_CHOSEN=0
+@@ -887,17 +904,16 @@ do_options()
+ DO_SETUP=yes
+ ;;
+ -c|--callgraph)
+- error_if_empty $arg $val
+ if test ! -f $MOUNT/backtrace_depth; then
+ echo "Call-graph profiling unsupported on this kernel/hardware" >&2
+ exit 1
+ fi
+- error_if_not_number $arg $val
++ error_if_not_number "$arg" "$val"
+ CALLGRAPH=$val
+ DO_SETUP=yes
+ ;;
+ --vmlinux)
+- error_if_empty $arg $val
++ error_if_invalid_arg "$arg" "$val"
+ VMLINUX=$val
+ DO_SETUP=yes
+ ;;
+@@ -906,32 +922,32 @@ do_options()
+ DO_SETUP=yes
+ ;;
+ --kernel-range)
+- error_if_empty $arg $val
++ error_if_invalid_arg "$arg" "$val"
+ KERNEL_RANGE=$val
+ DO_SETUP=yes
+ ;;
+ --xen)
+- error_if_empty $arg $val
++ error_if_invalid_arg "$arg" "$val"
+ XENIMAGE=$val
+ DO_SETUP=yes
+ ;;
+ --active-domains)
+- error_if_empty $arg $val
++ error_if_invalid_arg $arg $val
+ ACTIVE_DOMAINS=$val
+ DO_SETUP=yes
+ ;;
+ --note-table-size)
+- error_if_empty $arg $val
+ if test "$KERNEL_SUPPORT" = "yes"; then
+ echo "\"$arg\" meaningless on this kernel" >&2
+ exit 1
+ else
++ error_if_not_number "$arg" "$val"
+ NOTE_SIZE=$val
+ fi
+ DO_SETUP=yes
+ ;;
+ -i|--image)
+- error_if_empty $arg $val
++ error_if_invalid_arg "$arg" "$val"
+ if test "$val" = "all"; then
+ IMAGE_FILTER=
+ else
+@@ -944,6 +960,7 @@ do_options()
+ if test -z "$val"; then
+ VERBOSE="all"
+ else
++ error_if_invalid_arg "$arg" "$val"
+ VERBOSE=$val
+ fi
+ ;;
+@@ -1898,7 +1915,7 @@ check_options_early()
+ exit 0
+ ;;
+ --session-dir)
+- error_if_empty $arg $val
++ error_if_invalid_arg "$arg" "$val"
+ SESSION_DIR="$val"
+ DO_SETUP=yes
+ # do not exit early |
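Review bot: The `--active-domains` case calls `error_if_invalid_arg $arg $val` without quotes, unlike every other call this patch adds, so a value containing whitespace is word-split and only its first word reaches the character check, while `ACTIVE_DOMAINS=$val` on the next line stores the whole value. It should read `error_if_invalid_arg "$arg" "$val"`. Separately, the comment above both `case` patterns lists the allowed characters but omits `_`, which the bracket expression `[!-[:alnum:]_:,./]` also accepts; the comment should name it. The body of do_options lies outside these hunks, so how `ACTIVE_DOMAINS` is used afterwards is not visible here.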