File: pyenv-version-file-read

pyenv 2.6.8-1
#!/usr/bin/env bash
# Usage: pyenv version-file-read <file>
# Stop at the first unhandled command failure.
set -e
# Turn on command tracing when PYENV_DEBUG is non-empty.
if [ -n "$PYENV_DEBUG" ]; then
  set -x
fi

# Path of the version file to read, taken from the first positional argument.
VERSION_FILE=$1

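function is_version_safe() {
  # Decide whether a version name taken from a version file may be used as a
  # path component below $PYENV_ROOT/versions.
  #
  # Globals:   PYENV_ROOT (read)
  # Arguments: $1 - candidate version name
  # Returns:   0 if the name is accepted, non-zero if it is rejected
  #
  # `local` keeps the helper from overwriting a caller's variable of the same
  # name (the read loop in this script also uses `version`).
  local version="$1"

  # A name that is not ".." and contains no "/" cannot step out of versions/,
  # so it is accepted without touching the filesystem.
  if [[ "$version" != ".." && "$version" != */* ]]; then
    return 0
  fi

  # Anything else must resolve to an existing directory strictly below
  # $PYENV_ROOT/versions/. The check fails closed: if the directory does not
  # exist (or PYENV_ROOT is wrong) the cd fails and the name is rejected.
  # The subshell keeps the caller's working directory untouched.
  #
  # NOTE(review): cd is called without -P, so unless the shell's physical
  # option is enabled $PWD is the logical path (".." collapsed, symlinks not
  # resolved). A symlink under versions/ that points elsewhere is therefore
  # not caught by this comparison - confirm that is acceptable for callers.
  (
    cd "$PYENV_ROOT/versions/$version" &>/dev/null || exit 1
    [[ "$PWD" == "$PYENV_ROOT/versions/"* ]]
  )
}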

if [ -s "$VERSION_FILE" ]; then
  # Print the leading word of every usable line, joined with ":".
  # Input is consumed in bounded reads so the file is never loaded whole.
  #
  # NOTE: `read -n 1024` returns after at most 1024 characters even when no
  # newline has been seen, so a longer line is consumed over several
  # iterations and the first word of each chunk becomes a candidate version.
  # Every candidate still goes through is_version_safe below.

  # Add carriage return to the field separators so that a CRLF line ending is
  # not left attached to the version word.
  IFS="${IFS}"$'\r'
  sep=
  # The `|| [[ -n ... ]]` part handles a final line with no trailing newline.
  while read -n 1024 -r version _ || [[ -n "$version" ]]; do
    # Blank lines and comment lines carry no version.
    if [[ -z "$version" || "$version" == \#* ]]; then
      continue
    fi
    # is_version_safe is the mitigation for CVE-2022-35861, which allowed
    # arbitrary code execution in some contexts. A rejected name is reported
    # on stderr and skipped; the remaining lines are still processed.
    if ! is_version_safe "$version"; then
      echo "pyenv: invalid version \`$version' ignored in \`$VERSION_FILE'" >&2
      continue
    fi
    printf "%s%s" "$sep" "$version"
    sep=:
  done <"$VERSION_FILE"
  # sep is non-empty only if at least one version was printed: finish the
  # output line and exit with the status of that echo.
  if [[ -n "$sep" ]]; then
    echo
    exit
  fi
fi

# No usable version: missing or empty file, or every line skipped.
exit 1