regexp fixes and validation (#829)

2014-05-19 15:41:37 +02:00 · 2014-05-19 15:41:37 +02:00 · fe954632c0
commit fe954632c0
parent e834b33d42
1 changed files with 2 additions and 0 deletions
--- a/qubesmanager/backup_utils.py
+++ b/qubesmanager/backup_utils.py
@ -210,6 +210,8 @@ def get_path_for_vm(vm, service_name):
    if len(untrusted_path) == 0:
        return None
    if path_re.match(untrusted_path):
+        assert '../' not in untrusted_path
+        assert '\0' not in untrusted_path
        return untrusted_path.strip()
    else:
        return None