version 1.248, 2004/09/03 10:13:59
|
version 1.249, 2004/09/07 10:05:23
|
Line 1306 sub du_handler {
|
Line 1306 sub du_handler {
|
&Failure($client,"refused\n","$cmd:$ududir"); |
&Failure($client,"refused\n","$cmd:$ududir"); |
return 1; |
return 1; |
} |
} |
my $duout = `du -ks $ududir 2>/dev/null`; |
# Since $ududir could have some nasties in it, |
$duout=~s/[^\d]//g; #preserve only the numbers |
# we will require that ududir is a valid |
&Reply($client,"$duout\n","$cmd:$ududir"); |
# directory. Just in case someone tries to |
|
# slip us a line like .;(cd /home/httpd rm -rf*) |
|
# etc. |
|
# |
|
if (-d $ududir) { |
|
# And as Shakespeare would say to make |
|
# assurance double sure, quote the $ududir |
|
# This is in case someone manages to first |
|
# e.g. fabricate a valid directory with a ';' |
|
# in it. Quoting the dir will help |
|
# keep $ududir completely interpreted as a |
|
# directory. |
|
# |
|
my $duout = `du -ks "$ududir" 2>/dev/null`; |
|
$duout=~s/[^\d]//g; #preserve only the numbers |
|
&Reply($client,"$duout\n","$cmd:$ududir"); |
|
} else { |
|
&Failure($client, "bad_directory:$ududir", $userinput); |
|
} |
return 1; |
return 1; |
} |
} |
®ister_handler("du", \&du_handler, 0, 1, 0); |
®ister_handler("du", \&du_handler, 0, 1, 0); |
Line 1370 sub ls_handler {
|
Line 1388 sub ls_handler {
|
$ulsout='no_such_dir'; |
$ulsout='no_such_dir'; |
} |
} |
if ($ulsout eq '') { $ulsout='empty'; } |
if ($ulsout eq '') { $ulsout='empty'; } |
print $client "$ulsout\n"; |
&Reply($client, "$ulsout\n", $userinput); # This supports debug logging. |
|
|
return 1; |
return 1; |
|
|
Line 4989 sub validate_user {
|
Line 5007 sub validate_user {
|
# At the end of this function. I'll ensure that it's not still that |
# At the end of this function. I'll ensure that it's not still that |
# value so we don't just wind up returning some accidental value |
# value so we don't just wind up returning some accidental value |
# as a result of executing an unforseen code path that |
# as a result of executing an unforseen code path that |
# did not set $validated. |
# did not set $validated. At the end of valid execution paths, |
|
# validated shoule be 1 for success or 0 for failuer. |
|
|
my $validated = -3.14159; |
my $validated = -3.14159; |
|
|
Line 5077 sub validate_user {
|
Line 5096 sub validate_user {
|
# |
# |
|
|
unless ($validated != -3.14159) { |
unless ($validated != -3.14159) { |
die "ValidateUser - failed to set the value of validated"; |
# I >really really< want to know if this happens. |
|
# since it indicates that user authentication is badly |
|
# broken in some code path. |
|
# |
|
die "ValidateUser - failed to set the value of validated $domain, $user $password"; |
} |
} |
return $validated; |
return $validated; |
} |
} |