author | Juergen Daubert <jue@jue.li> | 2008-05-29 11:01:01 +0200 |
---|---|---|
committer | Juergen Daubert <jue@jue.li> | 2008-05-29 11:01:01 +0200 |
commit | 23eaa9c9100ecc1f0a8bd0f0f0d79220e76bf966 (patch) | |
tree | 78914f4d2cd89446fbc79ffb519b114f487e7df2 /lib | |
parent | 26061f5b00a3ec0333fc6063dcac8066d47628cd (diff) | |
prtverify: fix regexp for rm/cd commands
Diffstat (limited to 'lib')
-rw-r--r-- | lib/prtverify/20_evil_cmds.awk | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/prtverify/20_evil_cmds.awk b/lib/prtverify/20_evil_cmds.awk
index 9c0ff9a..88114a3 100644
--- a/lib/prtverify/20_evil_cmds.awk
+++ b/lib/prtverify/20_evil_cmds.awk
@@ -1,7 +1,7 @@
 #
 # 20_evil_cmds.awk
 #
-# Version 0.1.2 - 2006-07-14
+# Version 0.1.3 - 2008-05-21
 # Jürgen Daubert <jue at jue dot li>
 #
 # Two test to find malicious rm and cd commands like 'rm -rf /usr'.
@@ -18,10 +18,10 @@ loglevel_ok(FATAL) && FILENAME ~ PKGFILE {
- if (match($0, /\<rm\>/)) {
+ if (match($0, /(^|[[:blank:]])+rm[[:blank:]]+/)) {
 a = substr($0, RSTART)
-
+
 while ($0 ~ /\\$/) {
 getline
 a = a $0
@@ -37,7 +37,7 @@ loglevel_ok(FATAL) && FILENAME ~ PKGFILE {
 }
- if ($0 ~ /\<cd\>/) {
+ if ($0 ~ /(^|[[:blank:]])+cd[[:blank:]]+/) {
 for (c=1; c<=NF; c++) {
 if ($c == "cd" && $(c+1) ~ /^\//)
 perror(FATAL, "Use of cd to go outside the workdir, Pkgfile line " NR) |
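Review bot: The new rm gate in the second hunk, `(^|[[:blank:]])+rm[[:blank:]]+`, only matches after start-of-line or a blank, so a Pkgfile line where rm directly follows a shell separator (`foo;rm -rf /usr`, `(rm -rf ...`) no longer reaches the FATAL check, whereas the old `\<rm\>` word-boundary gate passed such lines on to it. Widening the left-hand class would cover the separators while still rejecting names that merely contain "rm": `if (match($0, /(^|[[:blank:];&|(])rm[[:blank:]]+/)) {`; the `+` after the group is redundant either way. RSTART now lands on the blank before `rm` rather than on `rm` itself, so `a = substr($0, RSTART)` begins with whitespace; the code that consumes `a` is outside the hunk and should be confirmed to tolerate that. The cd gate in the third hunk has the same shape, but the `$c == "cd"` field test there already required a blank-delimited `cd`, so its coverage looks unchanged. The rule body starts before and continues after both hunks.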