From 45318ecb43d715e30f9ed94808af63439496f7fd Mon Sep 17 00:00:00 2001
From: Wojciech Zygmunt Porczyk
Date: Fri, 16 May 2014 18:35:59 +0200
Subject: [PATCH] regexp fixes and validation (#829)
---
 qubes-rpc/qubes-notify-tools | 10 ++++++----
 qvm-tools/qvm-prefs | 2 +-
 qvm-tools/qvm-sync-clock | 6 +++---
 3 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/qubes-rpc/qubes-notify-tools b/qubes-rpc/qubes-notify-tools
index 2869dc92..c91d8d09 100755
--- a/qubes-rpc/qubes-notify-tools
+++ b/qubes-rpc/qubes-notify-tools
@@ -60,9 +60,11 @@ def main():
 else:
 gui = int(untrusted_gui)
- if untrusted_user is not None:
- if re.match(r'^[a-zA-Z0-9-]+$', untrusted_user):
- user = untrusted_user
+ if untrusted_user is not None and re.match(r'^[a-zA-Z0-9-]{1,255}$', untrusted_user):
+ assert '@' not in untrusted_user
+ assert '/' not in untrusted_user
+
+ user = untrusted_user
 else:
 user = None
@@ -70,7 +72,7 @@ def main():
 source_vm.qrexec_installed = qrexec > 0
 source_vm.guiagent_installed = gui > 0
- if user:
+ if user is not None:
 source_vm.default_user = user
 qvm_collection.save()
diff --git a/qvm-tools/qvm-prefs b/qvm-tools/qvm-prefs
index c9e54455..992ab6bc 100755
--- a/qvm-tools/qvm-prefs
+++ b/qvm-tools/qvm-prefs
@@ -164,7 +164,7 @@ def set_mac(vms, vm, args):
 print >> sys.stderr, "Missing MAC argument!"
 return False
- if not re.match("[0-9a-fA-F:]{17}|auto", args[0]):
+ if not re.match("[0-9a-fA-F]{2}(:[0-9a-fA-F]{2}){5}|auto", args[0]):
 print >> sys.stderr, "Invalid MAC argument!"
 print >> sys.stderr, "Possible values:"
 print >> sys.stderr, "1) auto"
diff --git a/qvm-tools/qvm-sync-clock b/qvm-tools/qvm-sync-clock
index df2eddc2..62112754 100755
--- a/qvm-tools/qvm-sync-clock
+++ b/qvm-tools/qvm-sync-clock
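Review bot: The new user-name pattern in the first qubes-notify-tools hunk still accepts a value that ends in a newline, because `$` in Python also matches just before a trailing `\n`; anchoring the end with `\Z` closes that: `re.match(r'^[a-zA-Z0-9-]{1,255}\Z', untrusted_user)`. Whether a newline can actually reach this point depends on how `untrusted_user` is read, which is outside the hunk. The two `assert` lines only restate what the character class already guarantees and are compiled out under `python -O`, so they should not be counted on as a check of VM-supplied data. The class also allows a leading `-`; if `default_user` is ever placed on a command line, requiring an alphanumeric first character, `[a-zA-Z0-9][a-zA-Z0-9-]{0,254}`, would be the safer form. main() starts and ends outside the hunk.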
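Review bot: The new MAC pattern in `set_mac` is anchored only at the start, by `re.match` itself, so a well-formed address followed by arbitrary trailing text, or any string that merely begins with `auto`, still passes the check. Group the alternation and anchor the end: `if not re.match(r"^(?:[0-9a-fA-F]{2}(?::[0-9a-fA-F]{2}){5}|auto)\Z", args[0]):`. What is done with the accepted value is outside the hunk, but presumably it is stored as the VM's MAC setting, so the check should admit exactly the two documented forms.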
@@ -72,10 +72,10 @@ def main():
 sys.exit(1)
 # Use the date format based on RFC2822 to avoid localisation issues
- p = clock_vm.run('date -u -R', verbose=verbose, passio_popen=True, ignore_stderr=True)
+ p = clock_vm.run('date -u -Iseconds', verbose=verbose, passio_popen=True, ignore_stderr=True)
 date_out = p.stdout.read(100)
 date_out = date_out.strip()
- if not re.match(r'^[A-Za-z]+[,] [0-9][0-9] [A-Za-z]+ [0-9][0-9][0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9] [+]0000$', date_out):
+ if not re.match(r'^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\+0000$', date_out):
 print >> sys.stderr, 'Invalid date output, aborting!'
 sys.exit(1)
@@ -83,7 +83,7 @@ def main():
 if verbose:
 print >> sys.stderr, '--> Syncing dom0 clock.'
- subprocess.check_call(['sudo', 'date', '-u', '-R', '-s', date_out])
+ subprocess.check_call(['sudo', 'date', '-u', '-Iseconds', '-s', date_out])
 subprocess.check_call(['sudo', 'hwclock', '--systohc'])
 # Sync other VMs clock
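Review bot: The replacement pattern in the first qvm-sync-clock hunk accepts only the `+0000` spelling of the UTC offset, while the offset that GNU `date -Iseconds` prints differs between coreutils releases (newer ones emit `+00:00`), so a clock VM with a different coreutils would always end in 'Invalid date output, aborting!'. Accepting both spellings keeps the check just as strict on the rest of the string: `r'^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\+00:?00$'`. The context comment above the call still says the format is based on RFC2822; it should be updated, for example to `# Use an ISO 8601 timestamp (date -Iseconds) to avoid localisation issues`. main() starts and ends outside the hunk.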