From: Jacob Bachmeyer
Date: Sat, 1 Jul 2023 04:05:00 +0000 (-0500)
Subject: Move Automake CVE test to packet object method
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=811043d5181b60a858310b60b525e63a66b7d6e9;p=gatekeeper.git
Move Automake CVE test to packet object method
---
diff --git a/gatekeeper.pl b/gatekeeper.pl
index de79f13..8df29a2 100755
--- a/gatekeeper.pl
+++ b/gatekeeper.pl
@@ -1639,6 +1639,7 @@ sub read_directive_from_string {
 sub parse;
 sub auth_check;
+ sub upload_check;
 }
 {
@@ -1712,6 +1713,8 @@ sub read_directive_from_string {
 ::check_replay($self->{oplist}, $dsig_info->{sig_creation});
 }
+ sub upload_check { }
+
 }
 {
@@ -1751,6 +1754,14 @@ sub read_directive_from_string {
 unless defined $fsig_info->{sig_creation};
 ::check_signature_timestamp(file => $fsig_info->{sig_creation});
 }
+
+ sub upload_check {
+ my $self = shift;
+
+ # Check uploaded file for known Automake CVE issues.
+ ::check_automake_vulnerabilities
+ (File::Spec->catfile(::CONF_DIR_Scratch, $self->upload_filename));
+ }
 }
@@ -3259,10 +3270,7 @@ foreach my $packet (@packets) { # each list element is an array reference
 $Phase = 'VL';
- # If the upload carries a file, check it for known Automake CVE issues.
- check_automake_vulnerabilities
- (File::Spec->catfile(CONF_DIR_Scratch, $packet->upload_filename))
- if $packet->has_uploaded_file;
+ $packet->upload_check;
 # If the upload installs a file, check if the final file exists; if so,
 # require the 'replace' option to be set.
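Review bot: The empty `sub upload_check { }` added in the second hunk (`@@ -1712,6 +1713,8 @@`) makes the Automake CVE scan fail open: any packet class that ends up with this stub skips the scan silently, whereas before the commit the main loop decided by asking `has_uploaded_file`. The only override this commit adds is in the third hunk, and whether that class covers every packet for which `has_uploaded_file` is true cannot be seen from the diff, so the equivalence should be confirmed. The stub should at least say why it is empty, for example `# This packet type carries no uploaded file, so there is nothing to scan.` on the line above it. The enclosing block starts and ends outside the hunk.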
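Review bot: In the third hunk (`@@ -1751,6 +1754,14 @@`) the new `upload_check` builds the scanner path from `$self->upload_filename` without stating what the method assumes about that name, namely that it is defined and has no directory components that would lead out of the scratch directory. Any such validation presumably happens earlier, during parsing, but that is not visible here, and as a method the check can now be reached from places other than the main loop. A comment recording the precondition would help, for example `# upload_filename has already been validated and names a file directly in the scratch directory.` The existing comment could also say how a finding is reported, since `::check_automake_vulnerabilities` is called in void context and presumably throws.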
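Review bot: In the last hunk (`@@ -3259,10 +3270,7 @@`) the call `$packet->upload_check;` lost the comment that said what this step of phase 'VL' does, and the method name alone no longer tells a reader of the main loop that this is the Automake CVE scan. A one-line comment above the call would keep the security check visible where the validation order is decided, for example `# Scan any uploaded file for known Automake CVE issues; a no-op for packets without a file.` The loop body begins and ends outside the hunk.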