diff options
| author | Florian Pritz <bluewind@xinu.at> | 2019-09-28 14:30:19 +0200 |
|---|---|---|
| committer | Florian Pritz <bluewind@xinu.at> | 2019-09-28 15:25:57 +0200 |
| commit | 2283a5a231b301b01f3c43a20853b4ee41a5582c (patch) | |
| tree | c1d449356a37f29551ff85c09d0bb48f4b748985 /t | |
| parent | 4eaf6823cbf2c2d332b317e6f6f755b23b6a1d1f (diff) | |
| download | App-BorgRestore-2283a5a231b301b01f3c43a20853b4ee41a5582c.tar.gz App-BorgRestore-2283a5a231b301b01f3c43a20853b4ee41a5582c.tar.xz | |
Helper: Remove untaint_archive_name
We no longer need a special whitelist for archive names since the
database no longer uses them as column keys. We still need to untaint
variables that are passed to DBI so we use untaint() for this now. We
also move the location of the untaint call closer to its usage with
DBI/system() to prevent untainted data from leaking elsewhere.
Fixes #4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 't')
| -rw-r--r-- | t/helper/untaint.t | 19 |
1 files changed, 0 insertions, 19 deletions
diff --git a/t/helper/untaint.t b/t/helper/untaint.t deleted file mode 100644 index 0c2e36a..0000000 --- a/t/helper/untaint.t +++ /dev/null @@ -1,19 +0,0 @@ -use strictures 2; - -use Log::Any::Adapter ('TAP'); -use Test::More; -use Test::Exception; - -use App::BorgRestore::Helper; - -ok(App::BorgRestore::Helper::untaint_archive_name('abc-1234:5+1') eq 'abc-1234:5+1'); -ok(App::BorgRestore::Helper::untaint_archive_name('abc') eq 'abc'); -ok(App::BorgRestore::Helper::untaint_archive_name('root-2016-09-30T15+02:00.checkpoint') eq 'root-2016-09-30T15+02:00.checkpoint'); - -dies_ok(sub{App::BorgRestore::Helper::untaint_archive_name('abc`"\'')}, 'special chars not allowed'); -dies_ok(sub{App::BorgRestore::Helper::untaint_archive_name('abc`')}, 'special chars not allowed'); -dies_ok(sub{App::BorgRestore::Helper::untaint_archive_name('abc"')}, 'special chars not allowed'); -dies_ok(sub{App::BorgRestore::Helper::untaint_archive_name('abc\'')}, 'special chars not allowed'); - - -done_testing; |