diff options
author | Michael Boelen <michael.boelen@cisofy.com> | 2019-08-20 15:17:05 +0300 |
---|---|---|
committer | Michael Boelen <michael.boelen@cisofy.com> | 2019-08-20 15:17:05 +0300 |
commit | e7d6aaa44dd8189cab5d0d001c93864b1ecb0005 (patch) | |
tree | a752c1f8ee010622462f0a65617d1a8af9114dd6 /include/profiles | |
parent | f51f19f621e5f5ff1337a4cd039ce7e9de60a67b (diff) |
Stop execution if unexpected characters were found. Also move hyphen to end to list, otherwise it may not work as a matchin character
Diffstat (limited to 'include/profiles')
-rw-r--r-- | include/profiles | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/include/profiles b/include/profiles index 65e3bcee..26b7b9b1 100644 --- a/include/profiles +++ b/include/profiles @@ -45,16 +45,17 @@ sleep 30 fi - # Security check for unexpected and possibly harmful escape characters - DATA=$(grep -v '^$\|^ \|^#\|^config:' ${PROFILE} | tr -d '[:alnum:]/\[\]\(\)\-_\|,\.:;= \n\r' | od -An -ta | sed 's/ /!space!/g') + # Security check for unexpected and possibly harmful escape characters (hyphen should be listed as first or last character) + DATA=$(grep -v '^$\|^ \|^#\|^config:' ${PROFILE} | tr -d '[:alnum:]/\[\]\(\)_\|,\.:;= \n\r-' | od -An -ta | sed 's/ /!space!/g') if ! IsEmpty "${DATA}"; then DisplayWarning "Your profile '${PROFILE}' contains unexpected characters. See the log file for more information." - LogText "Found unexpected or possibly harmful characters in the profile. See output below." + LogText "Found unexpected or possibly harmful characters in profile '${PROFILE}'. See which characters matched in the output below and compare them with your profile." for I in "${DATA}"; do I=$(echo ${I} | sed 's/!space!/ /g') LogText "Output: ${I}" done - sleep 30 + LogText "Suggestion: comment incorrect lines with a '#' and try again. Open a GitHub issue if valid characters are blocked" + ExitFatal "unexpected characters in profile. Stopping execution (security measure)" fi # Now parse the profile and filter out unwanted characters |