blob: df9e0f66d00528e157a22d35ffd379bc3706980e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
From aa87d67258a5b6742fc53d06c7bdac0f643bc9f1 Mon Sep 17 00:00:00 2001
From: Ch3LL <megan.wilhite@gmail.com>
Date: Tue, 1 Aug 2017 13:44:32 -0400
Subject: [PATCH] Add clean_id function to salt.utils.verify.py
---
salt/utils/verify.py | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/salt/utils/verify.py b/salt/utils/verify.py
index 5cac0fa651b..a3dc67db336 100644
--- a/salt/utils/verify.py
+++ b/salt/utils/verify.py
@@ -484,12 +484,21 @@ def clean_path(root, path, subdir=False):
return ''
+def clean_id(id_):
+ '''
+ Returns if the passed id is clean.
+ '''
+ if re.search(r'\.\.{sep}'.format(sep=os.sep), id_):
+ return False
+ return True
+
+
def valid_id(opts, id_):
'''
Returns if the passed id is valid
'''
try:
- return bool(clean_path(opts['pki_dir'], id_))
+ return bool(clean_path(opts['pki_dir'], id_)) and clean_id(id_)
except (AttributeError, KeyError) as e:
return False
|