ambiser
/
btrbk
mirror of https://github.com/digint/btrbk
9
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

btrbk: use File::Spec for relative file arguments

unsafe-filenames
Axel Burri 2021-08-14 18:11:45 +02:00
parent eccb24ecd7
commit 5d94de9142
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
btrbk
View File

@ -5635,11 +5635,12 @@ MAIN:
# input validation # input validation
foreach (@subvol_args) { foreach (@subvol_args) {
my ($url_prefix, $path) = check_url($_); my ($url_prefix, $path) = check_url($_);
if(!defined($path) && $subvol_args_allow_relative && ($url_prefix eq "")) { if(!defined($path) && $subvol_args_allow_relative && ($url_prefix eq "") && (-d $_)) {
# map relative path to absolute unless(eval_quiet { require File::Spec; }) {
if((-d $_) && ($_ =~ /^(.*)$/)) { # untaint ANY argument! ERROR "Cannot handle relative paths (perl version too old; missing File::Spec module): $_";
$path = check_file(`readlink -f -q '$1'`, { absolute => 1 }) exit 2;
} }
$path = check_file(File::Spec->rel2abs($_), { absolute => 1 });
} }
unless(defined($path)) { unless(defined($path)) {
ERROR "Bad argument: not a subvolume declaration: $_"; ERROR "Bad argument: not a subvolume declaration: $_";