| -rwxr-xr-x | archsetup | 18 |
1 files changed, 7 insertions, 11 deletions
@@ -174,20 +174,16 @@ validate_config() {
exit 1
fi
+ # Repo specs are handed to `git clone`, which also accepts local paths and
+ # file:// URLs (the test harness points ARCHSETUP_REPO at a local checkout),
+ # so don't allowlist schemes. Just block the one real injection vector -- a
+ # leading dash, which git would parse as an option -- plus whitespace and
+ # control characters.
local repo
for repo in "$dwm_repo" "$dmenu_repo" "$st_repo" "$slock_repo" "$dotemacs_repo" "$archsetup_repo"; do
[[ -z "$repo" ]] && continue
- case "$repo" in
- http://*|https://*|git://*|ssh://*) ;;
- *@*:*) ;;
- *)
- echo "ERROR: Repository URL looks unsupported: '$repo'" >&2
- echo " Expected http(s)://, git://, ssh://, or user@host:path." >&2
- exit 1
- ;;
- esac
- if [[ "$repo" =~ [[:space:]] || "$repo" == -* ]]; then
- echo "ERROR: Repository URL contains whitespace or starts with '-': '$repo'" >&2
+ if [[ "$repo" == -* || "$repo" =~ [[:space:][:cntrl:]] ]]; then
+ echo "ERROR: Repository spec must not start with '-' or contain whitespace/control characters: '$repo'" >&2
exit 1
fi
done |
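Review bot: The new comment's claim that a leading dash is "the one real injection vector" overstates what the `==  -*` test buys, because option injection into `git clone` is properly closed at the call site by passing `--` before the spec (`git clone ... -- "$repo"`), which makes the string check defense in depth rather than the fix; the clone call is outside this hunk, so I cannot tell whether it already does that. Dropping the scheme allowlist also means specs for git's `ext::`/`fd::` remote helpers now pass validation and the script relies on git's default `protocol.allow` policy (which disables those helpers unless user config re-enables them) to keep them inert, so that assumption deserves a line in the comment. Suggest softening the comment to `# Block the classic option-injection vector (a leading dash; the clone call must also pass '--') plus whitespace and control characters.` and adding `# Other transports (ext::, fd::) are left to git's protocol.allow default.` validate_config() starts before this hunk.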
