From 1d2baf96d8e8fdaee176f69a1caf2e53b2e77805 Mon Sep 17 00:00:00 2001 From: Alexander Larsson Date: Wed, 11 Feb 2015 12:39:17 +0100 Subject: [PATCH] Verify app/runtime names and branches in various operations Whenever we create, install, update, uninstall or run apps we verify that all app names and branch names are valid. --- xdg-app-builtins-build-export.c | 12 ++++++++++++ xdg-app-builtins-build-init.c | 18 ++++++++++++++++++ xdg-app-builtins-install.c | 24 ++++++++++++++++++++++++ xdg-app-builtins-run.c | 12 ++++++++++++ xdg-app-builtins-uninstall.c | 24 ++++++++++++++++++++++++ xdg-app-builtins-update.c | 24 ++++++++++++++++++++++++ 6 files changed, 114 insertions(+) diff --git a/xdg-app-builtins-build-export.c b/xdg-app-builtins-build-export.c index 341610e4..fd2eca39 100644 --- a/xdg-app-builtins-build-export.c +++ b/xdg-app-builtins-build-export.c @@ -134,11 +134,23 @@ xdg_app_builtin_build_export (int argc, char **argv, GCancellable *cancellable, directory = argv[2]; name = argv[3]; + if (!xdg_app_is_valid_name (name)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid application name", name); + goto out; + } + if (argc >= 5) branch = argv[4]; else branch = "master"; + if (!xdg_app_is_valid_branch (branch)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid branch name", branch); + goto out; + } + base = g_file_new_for_commandline_arg (directory); files = g_file_get_child (base, "files"); metadata = g_file_get_child (base, "metadata"); diff --git a/xdg-app-builtins-build-init.c b/xdg-app-builtins-build-init.c index ab8adcfc..e89a4f04 100644 --- a/xdg-app-builtins-build-init.c +++ b/xdg-app-builtins-build-init.c @@ -62,6 +62,24 @@ xdg_app_builtin_build_init (int argc, char **argv, GCancellable *cancellable, GE if (argc >= 5) branch = argv[4]; + if (!xdg_app_is_valid_name (runtime)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid runtime name", runtime); + goto out; + } + + if (!xdg_app_is_valid_name (sdk)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid sdk name", sdk); + goto out; + } + + if (!xdg_app_is_valid_branch (branch)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid branch name", branch); + goto out; + } + runtime_ref = xdg_app_build_untyped_ref (runtime, branch, opt_arch); sdk_ref = xdg_app_build_untyped_ref (sdk, branch, opt_arch); diff --git a/xdg-app-builtins-install.c b/xdg-app-builtins-install.c index f915b4d9..8943241b 100644 --- a/xdg-app-builtins-install.c +++ b/xdg-app-builtins-install.c @@ -47,6 +47,18 @@ xdg_app_builtin_install_runtime (int argc, char **argv, GCancellable *cancellabl if (argc >= 4) branch = argv[3]; + if (!xdg_app_is_valid_name (runtime)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid runtime name", runtime); + goto out; + } + + if (!xdg_app_is_valid_branch (branch)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid branch name", branch); + goto out; + } + ref = xdg_app_build_runtime_ref (runtime, branch, opt_arch); deploy_base = xdg_app_dir_get_deploy_dir (dir, ref); @@ -115,6 +127,18 @@ xdg_app_builtin_install_app (int argc, char **argv, GCancellable *cancellable, G if (argc >= 4) branch = argv[3]; + if (!xdg_app_is_valid_name (app)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid application name", app); + goto out; + } + + if (!xdg_app_is_valid_branch (branch)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid branch name", branch); + goto out; + } + ref = xdg_app_build_app_ref (app, branch, opt_arch); deploy_base = xdg_app_dir_get_deploy_dir (dir, ref); diff --git a/xdg-app-builtins-run.c b/xdg-app-builtins-run.c index ed85cb3b..af94fc74 100644 --- a/xdg-app-builtins-run.c +++ b/xdg-app-builtins-run.c @@ -301,6 +301,18 @@ xdg_app_builtin_run (int argc, char **argv, GCancellable *cancellable, GError ** if (opt_branch) branch = opt_branch; + if (!xdg_app_is_valid_name (app)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid application name", app); + goto out; + } + + if (!xdg_app_is_valid_branch (branch)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid branch name", branch); + goto out; + } + app_ref = xdg_app_build_app_ref (app, branch, opt_arch); user_dir = xdg_app_dir_get_user (); diff --git a/xdg-app-builtins-uninstall.c b/xdg-app-builtins-uninstall.c index c2fd676a..13865c3c 100644 --- a/xdg-app-builtins-uninstall.c +++ b/xdg-app-builtins-uninstall.c @@ -92,6 +92,18 @@ xdg_app_builtin_uninstall_runtime (int argc, char **argv, GCancellable *cancella else arch = xdg_app_get_arch (); + if (!xdg_app_is_valid_name (name)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid runtime name", name); + goto out; + } + + if (!xdg_app_is_valid_branch (branch)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid branch name", branch); + goto out; + } + /* TODO: look for apps, require --force */ ref = g_build_filename ("runtime", name, arch, branch, NULL); @@ -210,6 +222,18 @@ xdg_app_builtin_uninstall_app (int argc, char **argv, GCancellable *cancellable, else arch = xdg_app_get_arch (); + if (!xdg_app_is_valid_name (name)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid application name", name); + goto out; + } + + if (!xdg_app_is_valid_branch (branch)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid branch name", branch); + goto out; + } + ref = g_build_filename ("app", name, arch, branch, NULL); deploy_base = xdg_app_dir_get_deploy_dir (dir, ref); diff --git a/xdg-app-builtins-update.c b/xdg-app-builtins-update.c index 0c5fcae4..5a35eb38 100644 --- a/xdg-app-builtins-update.c +++ b/xdg-app-builtins-update.c @@ -51,6 +51,18 @@ xdg_app_builtin_update_runtime (int argc, char **argv, GCancellable *cancellable if (argc >= 3) branch = argv[2]; + if (!xdg_app_is_valid_name (runtime)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid runtime name", runtime); + goto out; + } + + if (!xdg_app_is_valid_branch (branch)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid branch name", branch); + goto out; + } + ref = xdg_app_build_runtime_ref (runtime, branch, opt_arch); deploy_base = xdg_app_dir_get_deploy_dir (dir, ref); @@ -130,6 +142,18 @@ xdg_app_builtin_update_app (int argc, char **argv, GCancellable *cancellable, GE if (argc >= 3) branch = argv[2]; + if (!xdg_app_is_valid_name (app)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid application name", app); + goto out; + } + + if (!xdg_app_is_valid_branch (branch)) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "'%s' is not a valid branch name", branch); + goto out; + } + ref = xdg_app_build_app_ref (app, branch, opt_arch); deploy_base = xdg_app_dir_get_deploy_dir (dir, ref);