All Projects apt-panopticon  apt-panopticon_cgp boxes meta-impy  ImpyReleaseBuilder NPC-tool SledjHamr  IGnoble  NGIW  opensim-SC toyboxInstaller website - cgit website - CGraphz website - Mantis

View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000126apt-panopticonTODOpublic2019-11-01 05:492019-12-23 03:33
Reporteronefang Assigned Toonefang  
PriorityhighSeveritymajorReproducibilityN/A
Status resolvedResolutionfixed 
Target Version0.1Fixed in Version0.1 
Summary0000126: Validate mirror_list.txt a bit more.
DescriptionIt's external input.
TagsNo tags attached.

Activities

onefang

onefang

2019-11-15 04:05

administrator   ~0000230

Input validation - I need to remove anything that might turn into a Lua assignment (=), or a Lua function call ((){}[[]]). Probably should remove any module loading stuff to.

Output validation - I need to remove anything that'll screw with URLs badly.

Check FDQN / first part of BaseURL before the slash.
Check bit after the BaseURL slash is only a path.
Check "Protocols" is well formed and only includes the protocols we care about.

Issue History

Date Modified Username Field Change
2019-11-01 05:49 onefang New Issue
2019-11-01 05:49 onefang Status new => assigned
2019-11-01 05:49 onefang Assigned To => onefang
2019-11-06 12:55 onefang Summary Validate mirrors.txt a bit more. => Validate mirror_list.txt a bit more.
2019-11-15 04:05 onefang Note Added: 0000230
2019-12-23 03:33 onefang Status assigned => resolved
2019-12-23 03:33 onefang Resolution open => fixed
2019-12-23 03:33 onefang Fixed in Version => 0.1