Move Automake CVE test to packet object method
authorJacob Bachmeyer <jcb@gnu.org>
Sat, 1 Jul 2023 04:05:00 +0000 (23:05 -0500)
committerJacob Bachmeyer <jcb@gnu.org>
Sat, 1 Jul 2023 04:05:00 +0000 (23:05 -0500)
gatekeeper.pl

index de79f139bea042d6df8639ba9ab8f1c8bb3da92f..8df29a2e555eaca5228b09ca47beeaf85c2250fe 100755 (executable)
@@ -1639,6 +1639,7 @@ sub read_directive_from_string {
 
   sub parse;
   sub auth_check;
+  sub upload_check;
 }
 
 {
@@ -1712,6 +1713,8 @@ sub read_directive_from_string {
     ::check_replay($self->{oplist}, $dsig_info->{sig_creation});
   }
 
+  sub upload_check { }
+
 }
 
 {
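Review bot: The empty `sub upload_check { }` added here has no comment explaining why doing nothing is correct for this packet class, and this method is now the only gate for the Automake CVE scan. If this is the class for packets that carry no file (the class body starts outside the hunk, so that is inferred), say so above the stub, for example `# Directive-only packets carry no file, so there is nothing to scan.` A documented no-op makes it less likely that a later packet type copies the stub and silently skips the scan.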
@@ -1751,6 +1754,14 @@ sub read_directive_from_string {
        unless defined $fsig_info->{sig_creation};
     ::check_signature_timestamp(file => $fsig_info->{sig_creation});
   }
+
+  sub upload_check {
+    my $self = shift;
+
+    # Check uploaded file for known Automake CVE issues.
+    ::check_automake_vulnerabilities
+      (File::Spec->catfile(::CONF_DIR_Scratch, $self->upload_filename));
+  }
 }
 
 \f
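Review bot: The new `upload_check` drops the `if $packet->has_uploaded_file` guard that the old call site carried and builds the path from `$self->upload_filename` unconditionally. If every object of this class is guaranteed to carry a file that is fine, but the constructor is outside the hunk, so either keep the guard as `return unless $self->has_uploaded_file;` or state the invariant in the comment. The comment should also say that `upload_filename` is expected to be an already-validated bare file name, since `File::Spec->catfile` does not remove directory components or `..`.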
@@ -3259,10 +3270,7 @@ foreach my $packet (@packets) {  # each list element is an array reference
 
     $Phase = 'VL';
 
-    # If the upload carries a file, check it for known Automake CVE issues.
-    check_automake_vulnerabilities
-      (File::Spec->catfile(CONF_DIR_Scratch, $packet->upload_filename))
-       if $packet->has_uploaded_file;
+    $packet->upload_check;
 
     # If the upload installs a file, check if the final file exists; if so,
     # require the 'replace' option to be set.
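Review bot: The call `$packet->upload_check;` replaces a commented block with a bare method call, so the validation phase no longer says what is checked at this point. A one-line comment such as `# Scan the uploaded file, if this packet type carries one, for known Automake CVE issues.` would keep the loop readable. The return value is discarded here, so the check presumably reports a finding by throwing; if so, saying that in the comment would make the failure path explicit. The loop body continues outside the hunk.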