diff options
| -rwxr-xr-x | acid/cyche-build | 6 | ||||
| -rwxr-xr-x | acid/cyche-source | 6 |
2 files changed, 12 insertions, 0 deletions
diff --git a/acid/cyche-build b/acid/cyche-build index 7f63117..6468276 100755 --- a/acid/cyche-build +++ b/acid/cyche-build @@ -25,6 +25,12 @@ cd "/services/$1" +# For <file>, no absolute paths and no '../' +if ! echo "$2" | grep -Evq '\.\.|^/'; then + echo "Bad file path: $2" + exit 1 +fi + if [ "$4" == "--self" ]; then prev=$(cat '.git/previous_slug') [ -z "$prev" ] && prev="$1" diff --git a/acid/cyche-source b/acid/cyche-source index ee4caca..7dca756 100755 --- a/acid/cyche-source +++ b/acid/cyche-source @@ -25,6 +25,12 @@ gethash() { cd '/services' +# For <name>, limit to a-z, 0-9, -, _ +if ! echo "$1" | grep -Eq '^[-_a-z0-9]*$'; then + echo "Bad service name: $1" >&2 + exit 2 +fi + if ! [ -d "$1" ]; then git clone "$2" "$1" >&2 || exit 2 touch "$1/.git/previous_hash" |