File: pm-jasrv-check.rc

package info (click to toggle)
procmail-lib 1%3A2009.1202-5
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 2,376 kB
  • sloc: perl: 294; makefile: 177; sh: 4
file content (84 lines) | stat: -rw-r--r-- 2,122 bytes parent folder | download | duplicates (5) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
 
# pm-jasrv-check.rc -- check FILE validity, subroutine for File Server
#
#   File id
#
#       Copyright (C) 1997-2010 Jari Aalto
#
#       This program is free software; you can redistribute it and/or
#       modify it under the terms of the GNU General Public License as
#       published by the Free Software Foundation; either version 2 of the
#       License, or (at your option) any later version
#
#       This program is distributed in the hope that it will be useful, but
#       WITHOUT ANY WARRANTY; without even the implied warranty of
#       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
#       General Public License for more details at
#       <http://www.gnu.org/copyleft/gpl.html>.
#
#   Description
#
#       This subroutine is part of the TPFS or MPFS file server.
#       Check FILE for nonvalid filenames or other access problems.
#
#   Input
#
#       o   JA_SRV_F_FILE_CASE_SENSITIVE, flag
#       o   FILE, filename to check. possibly converted to lowercase.
#
#   Output
#
#       o   stat, set to "ok" if filename is acceptable. Otherwise contains
#           brief error reason;
#
#
#   Change Log (none)

# ............................................................ &init ...

id    = "pm-jasrv-check.rc"
dummy = "
========================================================================
$id: init:
"


stat = "ok"


# .................................................. &conversion ...
# Should we ignore spelling mistakes? File.txt --> file.txt

:0 D
* JA_SRV_F_FILE_CASE_SENSITIVE ?? no
*                         FILE ?? [A-Z]
{
    FILE = `echo "$FILE" | $TR A-Z a-z`
}

# ........................................................... &check ...
#	Do not accept wildcard names, because
#
#	    % test -r file*txt
#
#	would succeed, but there is no no such individual file

:0
*  FILE ?? [][*?{}()<>&!'$;]
{
    stat = "invalid-characters"
}


# Check that filename does not have "../" security risk.
# Or dos styled "..\" -- perhaps for NT?

:0
*  FILE ?? \.\.[/\]
{
    stat = "invalid-directory-access"
}


dummy = "$id: end: STAT = $stat"

# Enf of pm-jasrv-check.rc