Handle tainted values if --with-gpgv or --with-lsof options are used

diff --git a/gatekeeper.pl b/gatekeeper.pl
index 04f82c528aa2cf1718363c7be6c04c99acf07916..9cfd6ff03af2687324fe9d832d63cba61e77ea50 100755 (executable)
--- a/gatekeeper.pl
+++ b/gatekeeper.pl
@@ -238,8 +238,7 @@ BEGIN {
   my $want_version = '';
 
   my $ConfigFile = File::Spec->catfile($FindBin::Bin, 'gatekeeper.conf');
-  my $GPGV_Bin = '/usr/bin/gpgv';
-  my $LSOF_Bin = '/usr/bin/lsof';
+  my $GPGV_Bin; my $LSOF_Bin;
 
   # Set this to 1 or higher to get debug output in the log file.
   my $DEBUG = 1;
@@ -296,8 +295,19 @@ BEGIN {
     constant->import(FTPINDEX_TOOL =>
                     File::Spec->catfile($1, 'make-ftpindex.sh'));
 
-    constant->import(GPGV_BIN => $GPGV_Bin);
-    constant->import(LSOF_BIN => $LSOF_Bin);
+    if (defined $GPGV_Bin) {
+      $GPGV_Bin =~ m[^/([[:graph:] ]+[^/])$]
+       or die "--with-gpgv requires a reasonable absolute file name";
+      -f $1 && -x _ or die "--with-gpgv must name an executable file";
+      constant->import(GPGV_BIN => $1);
+    } else { constant->import(GPGV_BIN => '/usr/bin/gpgv') }
+
+    if (defined $LSOF_Bin) {
+      $LSOF_Bin =~ m[^/([[:graph:] ]+[^/])$]
+       or die "--with-lsof requires a reasonable absolute file name";
+      -f $1 && -x _ or die "--with-lsof must name an executable file";
+      constant->import(LSOF_BIN => $1);
+    } else { constant->import(LSOF_BIN => '/usr/bin/lsof') }
   }
 
   # declare variables used to initialize constants