diff options
| author | Craig Jennings <c@cjennings.net> | 2026-05-11 18:36:36 -0500 |
|---|---|---|
| committer | Craig Jennings <c@cjennings.net> | 2026-05-11 18:36:36 -0500 |
| commit | 43f11a9948212d570c7b12fe974ae6f614416dfb (patch) | |
| tree | 3730fad7218be50fad3cbd11753b666fbe573b5a | |
| parent | 1ff51146d9de6ed76e67945fea9f9ca61acdda00 (diff) | |
| download | archsetup-43f11a9948212d570c7b12fe974ae6f614416dfb.tar.gz archsetup-43f11a9948212d570c7b12fe974ae6f614416dfb.zip | |
fix(archsetup): accept local-path repo specs in config validation
The `validate_config()` repo check I just added used a scheme allowlist (`http(s)://`, `git://`, `ssh://`, `user@host:path`), which rejected `ARCHSETUP_REPO=/tmp/archsetup-test` in `scripts/testing/archsetup-vm.conf`. That broke the VM test: archsetup exited during validation before logging anything, and `run-test.sh` reported "ArchSetup process not found after launch". `git clone` accepts local paths and `file://` URLs fine, so the allowlist was wrong. I replaced it with a security-only check: reject a leading dash (which `git` would parse as an option) plus whitespace and control characters, allow everything else. Smoke-tested against the test config and a matrix of repo forms.
| -rwxr-xr-x | archsetup | 18 |
1 files changed, 7 insertions, 11 deletions
@@ -174,20 +174,16 @@ validate_config() { exit 1 fi + # Repo specs are handed to `git clone`, which also accepts local paths and + # file:// URLs (the test harness points ARCHSETUP_REPO at a local checkout), + # so don't allowlist schemes. Just block the one real injection vector -- a + # leading dash, which git would parse as an option -- plus whitespace and + # control characters. local repo for repo in "$dwm_repo" "$dmenu_repo" "$st_repo" "$slock_repo" "$dotemacs_repo" "$archsetup_repo"; do [[ -z "$repo" ]] && continue - case "$repo" in - http://*|https://*|git://*|ssh://*) ;; - *@*:*) ;; - *) - echo "ERROR: Repository URL looks unsupported: '$repo'" >&2 - echo " Expected http(s)://, git://, ssh://, or user@host:path." >&2 - exit 1 - ;; - esac - if [[ "$repo" =~ [[:space:]] || "$repo" == -* ]]; then - echo "ERROR: Repository URL contains whitespace or starts with '-': '$repo'" >&2 + if [[ "$repo" == -* || "$repo" =~ [[:space:][:cntrl:]] ]]; then + echo "ERROR: Repository spec must not start with '-' or contain whitespace/control characters: '$repo'" >&2 exit 1 fi done |