From fe954632c0810b16dc9186658c23ccbf37f19f18 Mon Sep 17 00:00:00 2001
From: Wojciech Zygmunt Porczyk <wojciech@porczyk.eu>
Date: Mon, 19 May 2014 15:41:37 +0200
Subject: [PATCH] regexp fixes and validation (#829)

---
 qubesmanager/backup_utils.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/qubesmanager/backup_utils.py b/qubesmanager/backup_utils.py
index b822395..d595e6a 100644
--- a/qubesmanager/backup_utils.py
+++ b/qubesmanager/backup_utils.py
@@ -210,6 +210,8 @@ def get_path_for_vm(vm, service_name):
     if len(untrusted_path) == 0:
         return None
     if path_re.match(untrusted_path):
+        assert '../' not in untrusted_path
+        assert '\0' not in untrusted_path
         return untrusted_path.strip()
     else:
         return None