Fossil SCM
Also disallow wildcard characters in blob_append_escape_arg().
Commit
d5b015946d85ba4d3b894179af607a631f5b2c601f5052ea185ffb7949edced2
Parent
3bbac575348d0a5…
1 file changed
+1
-1
+1
-1
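--- a/src/blob.c
+++ b/src/blob.c
@@ -1195,11 +1195,11 @@
 #else
 const char cQuote = '\''; /* Use '...' quoting on unix */
 #endif
 
 for(i=0; (c = zIn[i])!=0; i++){
-if( c==cQuote || c=='\\' || c<' ' || c==';' ) {
+if( c==cQuote || c=='\\' || c<' ' || c==';' || c=='*' || c=='?' || c=='[') {
 Blob bad;
 blob_token(pBlob, &bad);
 fossil_fatal("the [%s] argument to the \"%s\" command contains "
 "a character (ascii 0x%02x) that is a security risk",
 zIn, blob_str(&bad), c);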
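Review bot: The changed `if` is an inline denylist that keeps growing, and nothing beside it records why each character is refused or whether the same list is intended for both quoting styles selected by the `#if` above. A comment such as `/* Refuse the quote char, backslash, control chars, ';' and glob wildcards: none may appear in a shell argument, quoted or not */` would make the intent reviewable. It should also state that an argument legitimately containing `*`, `?` or `[` now aborts through fossil_fatal(). If `c` is a plain `char` (its declaration is outside the hunk), `c<' '` also matches bytes above 0x7f on signed-char platforms and `0x%02x` prints them sign-extended, so passing `(unsigned char)c` to the message and deciding explicitly whether non-ASCII bytes are refused would settle that. The loop and the enclosing function continue outside the hunk.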