From 811043d5181b60a858310b60b525e63a66b7d6e9 Mon Sep 17 00:00:00 2001 From: Jacob Bachmeyer Date: Fri, 30 Jun 2023 23:05:00 -0500 Subject: [PATCH] Move Automake CVE test to packet object method --- gatekeeper.pl | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/gatekeeper.pl b/gatekeeper.pl index de79f13..8df29a2 100755 --- a/gatekeeper.pl +++ b/gatekeeper.pl @@ -1639,6 +1639,7 @@ sub read_directive_from_string { sub parse; sub auth_check; + sub upload_check; } { @@ -1712,6 +1713,8 @@ sub read_directive_from_string { ::check_replay($self->{oplist}, $dsig_info->{sig_creation}); } + sub upload_check { } + } { @@ -1751,6 +1754,14 @@ sub read_directive_from_string { unless defined $fsig_info->{sig_creation}; ::check_signature_timestamp(file => $fsig_info->{sig_creation}); } + + sub upload_check { + my $self = shift; + + # Check uploaded file for known Automake CVE issues. + ::check_automake_vulnerabilities + (File::Spec->catfile(::CONF_DIR_Scratch, $self->upload_filename)); + } } @@ -3259,10 +3270,7 @@ foreach my $packet (@packets) { # each list element is an array reference $Phase = 'VL'; - # If the upload carries a file, check it for known Automake CVE issues. - check_automake_vulnerabilities - (File::Spec->catfile(CONF_DIR_Scratch, $packet->upload_filename)) - if $packet->has_uploaded_file; + $packet->upload_check; # If the upload installs a file, check if the final file exists; if so, # require the 'replace' option to be set. -- 2.25.1
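Review bot: The base-class default `sub upload_check { }` in the second hunk fails open. A packet class that carries a file but does not override it skips the Automake scan with no error, whereas the old call site ran the scan for every packet whose `has_uploaded_file` was true. Either state the contract on the stub, `# No uploaded file by default; any class that carries one must override this.`, or make the stub enforce it, `sub upload_check { die "upload_check not overridden" if $_[0]->has_uploaded_file }`, adapted to the file's own error convention. The enclosing package block starts and ends outside the hunk, so which classes inherit the stub cannot be seen here.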
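Review bot: In the third hunk the overriding `upload_check` joins `$self->upload_filename` onto the scratch directory with `File::Spec->catfile`, which does not strip `..` components or embedded directory separators, and nothing visible here confirms the value is a bare file name. That validation presumably happens during directive parsing, outside the hunk. Now that the scan is a method callable from anywhere, not only the VL phase loop, the assumption should be written on the method, for example `# upload_filename was validated as a plain file name in parse; the path stays inside CONF_DIR_Scratch.`. The method's result is not used, so it is also worth stating in the same comment whether `check_automake_vulnerabilities` reports a finding by throwing.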
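Review bot: The new call `$packet->upload_check;` in the last hunk replaces a commented, guarded statement with a bare line, so the VL phase no longer says that a security scan runs here. Its return value is ignored, which means a vulnerable upload is rejected only if the method throws. Keep a comment at the call site, such as `# Run packet-specific checks on the uploaded file (Automake CVE scan for uploads); expected to throw on rejection.`, and confirm that expectation against `check_automake_vulnerabilities`. The `foreach` body continues outside the hunk.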