Only allow known-safe characters in socket paths

The socket path will be included in a shell command and then as a socat
argument, so only allow a small subset of known-safe characters.  In
practice, this has not been a problem because mktemp doesn’t include
these characters in its output.
This commit is contained in:
Demi Marie Obenour 2020-11-27 15:25:29 -05:00
parent c3761ac7e7
commit 06d84b5198
No known key found for this signature in database
GPG Key ID: 28A45C93B0B5B6E0

View File

@ -1,10 +1,11 @@
#!/bin/bash --
set -eu
umask 0077
tmpdir="$(mktemp -d)"
if [[ $tmpdir =~ \" ]]; then
echo 'Error: non admissible character detected in sock path.'
if ! [[ $tmpdir =~ ^/[/A-Za-z0-9._-]+$ ]]; then
echo 'Error: non admissible character detected in sock path.'>&2
exit 1
fi