# Inspired from the grap.c file in Sourceforge 2.5
use strict ;
-use vars qw/ @allowed_options @allowed_commands @commands_requiring_unquote $errmsg @cmd / ;
+use vars qw/ @allowed_options @allowed_commands $errmsg @cmd / ;
use subs qw/ &reject / ;
no locale ;
+use Text::ParseWords;
@allowed_options = ('-c', '-e') ;
@allowed_commands = ('cvs','scp','svnserve','bzr','git-upload-pack','git-receive-pack','git-upload-archive') ;
-@commands_requiring_unquote = ('git-upload-pack','git-receive-pack','git-upload-archive') ;
# Clean up our environment
delete @ENV{qw(IFS CDPATH ENV BASH_ENV PATH)};
&reject ;
}
-@cmd = split (/ +/, $ARGV[1]) ;
+@cmd = shellwords ($ARGV[1]) ;
-if (scalar (grep { $_ eq $cmd[0] } @allowed_commands) == 0) {
+if ($#cmd < 0) {
$errmsg = "Command not allowed." ;
&reject ;
}
-if (scalar (grep { $_ eq $cmd[0] } @commands_requiring_unquote) != 0) {
- foreach my $i (1..$#cmd) {
- if ($cmd[$i] =~ /^'(.*)'$/) {
- $cmd[$i] = $1;
- }
- }
+if (scalar (grep { $_ eq $cmd[0] } @allowed_commands) == 0) {
+ $errmsg = "Command not allowed." ;
+ &reject ;
}
exec @cmd ;
projects / fusionforge / fusionforge.git / commitdiff