my $tainted_val = $item->[1];
if ($tainted_cmd eq 'directory') {
- parse_directory_line($tainted_val, $directive_file_contents,0);
- $header{directory} = $info{directory};
- $header{package} = $info{package};
+ unless ($tainted_val =~ m/^($RE_filename_relative)$/) {
+ push @errors, "invalid directory $tainted_val";
+ next;
+ }
+ my $val = $1; # so far so good
+
+ my @dirs = File::Spec::Unix->splitdir($1);
+ my $dir_depth = scalar @dirs;
+
+ # A couple of subdir levels are ok, but don't allow hundreds.
+ if ($dir_depth > MAX_DIRECTORY_DEPTH) {
+ push @errors, "$dir_depth levels is too deep, in $val";
+ next;
+ }
+
+ # Only let them specify one directory directive.
+ if (defined $header{directory}) {
+ push @errors,
+ "Only one directory directive is allowed per directive file. "
+ ."Error at directory directive: $val";
+ next;
+ }
+
+ $header{directory} = $val; # ok.
+ $header{package} = $dirs[0]; # top-level name, no subdir
+ $info{directory} = $header{directory};
+ $info{package} = $header{package};
+
+ # TODO: move this part elsewhere:
+ # Set email addresses
+ my @a = email_addresses($info{package});
+ foreach my $address (@a) {
+ # Do not include duplicates
+ push (@{$info{email}}, $address)
+ unless (grep($_ eq $address,@{$info{email}}) > 0);
+ }
+
} elsif ($tainted_cmd eq 'filename') {
# We use the same filename restrictions as scan_incoming
unless ($tainted_val =~ /^($RE_filename_here)$/) {
projects / gatekeeper.git / commitdiff