diff mbox series

[FFmpeg-devel,fateserver,2/2] Add missing validation of out of process data

Message ID 20210907111922.2654736-2-martin@martin.st
State New
Headers show
Series [FFmpeg-devel,fateserver,1/2] Add a missed taint check in report.cgi | expand

Checks

Context Check Description
andriy/configurex86 warning Failed to apply patch
andriy/configureppc warning Failed to apply patch

Commit Message

Martin Storsjö Sept. 7, 2021, 11:19 a.m. UTC 
When invoking unxz, the variables making up the path
passed to unxz need to be validated.

load_summary normally only reads the "summary" file, but
if missing, it tries to use unxz to unpack report.xz. In
this case the slot value needs to be validated, which can
be done in the main loop in index.cgi.

load_report uses unxz, with a slot and date read from
the summary file, when the report contained failures.
In this case, the slot and date values can either be
validated as they're read from the summary in load_summary
or split_header, or before they're used in load_report.

This unbreaks the main results listings for slots with one or
more test failures.
---
 FATE.pm   | 2 ++
 index.cgi | 1 +
 2 files changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/FATE.pm b/FATE.pm
index b7d7260..ccb8958 100644
--- a/FATE.pm
+++ b/FATE.pm
@@ -147,6 +147,8 @@  sub load_summary {
 
 sub load_report {
     my ($slot, $date) = @_;
+    ($slot) = $slot =~ /^([A-Za-z0-9_\-.]{1,80})\z/ or exit 1;
+    ($date) = $date =~ /^([0-9]{1,80})\z/ or exit 1;
     my $report = "$fatedir/$slot/$date/report.xz";
     my @recs;
 
diff --git a/index.cgi b/index.cgi
index 8fe92db..c053d0e 100755
--- a/index.cgi
+++ b/index.cgi
@@ -47,6 +47,7 @@  my $allpass = 0;
 my $allfail = 0;
 
 for my $slot (@slots) {
+    ($slot) = $slot =~ /^([A-Za-z0-9_\-.]{1,80})\z/ or next;
     next if -e "$fatedir/$slot/hidden";
     my $rep = load_summary $slot, 'latest' or next;
     next if time - parse_date($$rep{date}) > $hidden_age;