From 79972e028d76f7e816928c0b57be1e35c22b4242 Mon Sep 17 00:00:00 2001 From: teastep Date: Wed, 9 May 2007 20:55:54 +0000 Subject: [PATCH] Forbid both single and double quotes in config file entries (single quotes ok in comments) git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6311 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-perl/Shorewall/Chains.pm | 3 +-- Shorewall-perl/Shorewall/Config.pm | 4 ++++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm index f846bf3ae..296432111 100644 --- a/Shorewall-perl/Shorewall/Chains.pm +++ b/Shorewall-perl/Shorewall/Chains.pm @@ -264,7 +264,6 @@ my $chainseq; sub process_comment() { if ( $capabilities{COMMENTS} ) { ( $comment = $line ) =~ s/^\s*COMMENT\s*//; - fatal_error "COMMENT lines may not contain double quotes" if $comment =~ /"/; fatal_error "Invalid COMMENT line" if length $line >= 2 && substr( $line, -1) eq '\\'; } else { warning_message "COMMENT ignored -- requires comment support in iptables/Netfilter"; @@ -315,7 +314,7 @@ sub add_file( $$ ) { my $file = find_file $_[1]; if ( -f $file ) { - open EF , '<', $file or fatal_error "Unable to open $file"; + open EF , '<', $file or fatal_error "Unable to open $file: $!"; add_commands( $chainref, qq(progress_message "Processing $file..."), diff --git a/Shorewall-perl/Shorewall/Config.pm b/Shorewall-perl/Shorewall/Config.pm index 7315c3ffd..84a65cb27 100644 --- a/Shorewall-perl/Shorewall/Config.pm +++ b/Shorewall-perl/Shorewall/Config.pm @@ -309,10 +309,14 @@ my %no_pad = ( COMMENT => 1, sub split_line( $$$ ) { my ( $mincolumns, $maxcolumns, $description ) = @_; + fatal_error "Shorewall Configuration file entries may not contain double quotes" if $line =~ /"/; + my @line = split /\s+/, $line; return @line if $no_pad{$line[0]}; + fatal_error "Shorewall Configuration file entries may not contain single quotes" if $line =~ /'/; + fatal_error "Invalid $description entry (too few columns)" if @line < $mincolumns; fatal_error "Invalid $description entry (too many columns)" if @line > $maxcolumns;