parent
d1e0e2f2c6
commit
f1fbcd04a8
|
@ -7,11 +7,6 @@ use Hydra::Helper::Nix;
|
||||||
use Hydra::Helper::CatalystUtils;
|
use Hydra::Helper::CatalystUtils;
|
||||||
|
|
||||||
|
|
||||||
# Security checking of filenames.
|
|
||||||
my $pathCompRE = "(?:[A-Za-z0-9-\+][A-Za-z0-9-\+\._]*)";
|
|
||||||
my $relPathRE = "(?:$pathCompRE(?:\/$pathCompRE)*)";
|
|
||||||
|
|
||||||
|
|
||||||
sub build : Chained('/') PathPart CaptureArgs(1) {
|
sub build : Chained('/') PathPart CaptureArgs(1) {
|
||||||
my ($self, $c, $id) = @_;
|
my ($self, $c, $id) = @_;
|
||||||
|
|
||||||
|
|
|
@ -352,7 +352,7 @@ sub updateProject {
|
||||||
|
|
||||||
# The Nix expression path must be relative and can't contain ".." elements.
|
# The Nix expression path must be relative and can't contain ".." elements.
|
||||||
my $nixExprPath = trim $c->request->params->{"jobset-$baseName-nixexprpath"};
|
my $nixExprPath = trim $c->request->params->{"jobset-$baseName-nixexprpath"};
|
||||||
die "Invalid Nix expression path: $nixExprPath" if $nixExprPath !~ /^$Build::relPathRE$/;
|
die "Invalid Nix expression path: $nixExprPath" if $nixExprPath !~ /^$relPathRE$/;
|
||||||
|
|
||||||
my $nixExprInput = trim $c->request->params->{"jobset-$baseName-nixexprinput"};
|
my $nixExprInput = trim $c->request->params->{"jobset-$baseName-nixexprinput"};
|
||||||
die "Invalid Nix expression input name: $nixExprInput" unless $nixExprInput =~ /^\w+$/;
|
die "Invalid Nix expression input name: $nixExprInput" unless $nixExprInput =~ /^\w+$/;
|
||||||
|
|
|
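Review bot: The path check on the changed line anchors with `^` and `$`, and in Perl `$` also matches just before a trailing newline, so a value ending in a newline would pass unless `trim` (not visible here) strips it. Anchoring with `\A` and `\z` removes that dependency: `die "Invalid Nix expression path: $nixExprPath" if $nixExprPath !~ /\A$relPathRE\z/;`. The `/^\w+$/` check on the input name just below has the same shape. Both messages embed the raw request parameter, so whatever renders the error has to escape it. updateProject's body starts and ends outside this hunk.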
@ -2,9 +2,13 @@ package Hydra::Helper::CatalystUtils;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Exporter;
|
use Exporter;
|
||||||
|
use Readonly;
|
||||||
|
|
||||||
our @ISA = qw(Exporter);
|
our @ISA = qw(Exporter);
|
||||||
our @EXPORT = qw(getBuild error notFound);
|
our @EXPORT = qw(
|
||||||
|
getBuild error notFound
|
||||||
|
$pathCompRE $relPathRE
|
||||||
|
);
|
||||||
|
|
||||||
|
|
||||||
sub getBuild {
|
sub getBuild {
|
||||||
|
@ -28,4 +32,9 @@ sub notFound {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# Security checking of filenames.
|
||||||
|
Readonly::Scalar our $pathCompRE => "(?:[A-Za-z0-9-\+][A-Za-z0-9-\+\._]*)";
|
||||||
|
Readonly::Scalar our $relPathRE => "(?:$pathCompRE(?:\/$pathCompRE)*)";
|
||||||
|
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
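Review bot: `$pathCompRE` and `$relPathRE` are now exported by default as unanchored pattern fragments, so the filename check is only as strict as the anchors each caller adds; a caller that writes `=~ /$relPathRE/` would accept any string containing one valid character. The comment `# Security checking of filenames.` should say this, for example `# Unanchored fragments: callers must wrap them in \A...\z. A component may not start with "." or "_", which rejects "." and ".." elements.` The patterns are also built in double-quoted strings, where `\+`, `\.` and `\/` lose their backslash before the regex engine sees them. That is harmless inside these character classes, but `qr{(?:[A-Za-z0-9+-][A-Za-z0-9+._-]*)}` would keep the pattern as written and compile it once.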