diff options
| author |   rpe <rpe@openbsd.org> | 2016-01-12 00:17:05 +0000 |
|---|---|---|
| committer | rpe <rpe@openbsd.org> | 2016-01-12 00:17:05 +0000 |
| commit | 8c25caccaa507692969d2d67604e3cf3b4b5f35f (patch) | |
| tree | 3e190698c28409594f9aaec661afd12ddd83c484 | |
| parent | post the packet on em_82547 chips after bpf (diff) | |
| download | wireguard-openbsd-8c25caccaa507692969d2d67604e3cf3b4b5f35f.tar.xz wireguard-openbsd-8c25caccaa507692969d2d67604e3cf3b4b5f35f.zip | |
The data for CGI_{METHOD,TIME,TZ} comes from an external source.
Validate before assignment.
with feedback from and OK halex@
OK krw@
| -rw-r--r-- | distrib/miniroot/install.sub | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/distrib/miniroot/install.sub b/distrib/miniroot/install.sub index bafbd2dd0b6..3af8dd2ab86 100644 --- a/distrib/miniroot/install.sub +++ b/distrib/miniroot/install.sub @@ -1,4 +1,4 @@ -# $OpenBSD: install.sub,v 1.870 2016/01/10 17:47:14 rpe Exp $ +# $OpenBSD: install.sub,v 1.871 2016/01/12 00:17:05 rpe Exp $ # # Copyright (c) 1997-2015 Todd Miller, Theo de Raadt, Ken Westerback # Copyright (c) 2015, Robert Peichaer <rpe@openbsd.org> @@ -66,6 +66,8 @@ usage() { # Wait for the ftp process to finish, or be killed after the timeout. waitcgiinfo() { + local _key _val + wait "$CGIPID" 2>/dev/null [[ -s $CGI_INFO ]] || return @@ -74,9 +76,13 @@ waitcgiinfo() { set -- $(sed q $HTTP_LIST) : ${HTTP_SERVER:=${1%%/*}} - CGI_METHOD=$(sed -n '/^method=/s///p' $CGI_INFO 2>/dev/null) - CGI_TZ=$(sed -n '/^TZ=/s///p' $CGI_INFO 2>/dev/null) - CGI_TIME=$(sed -n '/^TIME=/s///p' $CGI_INFO 2>/dev/null) + while IFS='=' read -r -- _key _val; do + case $_key=$_val in + method=+([a-z])) CGI_METHOD=$_val;; + TIME=+([0-9])) CGI_TIME=$_val;; + TZ=+([-_/+[:alnum:]])) CGI_TZ=$_val;; + esac + done <$CGI_INFO } |