summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Changes2
-rw-r--r--lib/App/BorgRestore.pm3
-rw-r--r--lib/App/BorgRestore/Borg.pm1
-rw-r--r--lib/App/BorgRestore/DB.pm8
-rw-r--r--lib/App/BorgRestore/Helper.pm4
-rw-r--r--t/helper/untaint.t19
6 files changed, 6 insertions, 31 deletions
diff --git a/Changes b/Changes
index 9bb5022..eeb4d3b 100644
--- a/Changes
+++ b/Changes
@@ -1,6 +1,8 @@
Revision history for Perl extension App-BorgRestore
{{$NEXT}}
+ - Remove archive name untaint restrictions (remove untaint_archive_name
+ function)
3.3.0 2019-02-07T16:18:41Z
- Support borg list's --prefix option via $borg_prefix setting
diff --git a/lib/App/BorgRestore.pm b/lib/App/BorgRestore.pm
index afbe918..2ae0a09 100644
--- a/lib/App/BorgRestore.pm
+++ b/lib/App/BorgRestore.pm
@@ -329,7 +329,6 @@ process during method execution since this is required by C<`borg extract`>.
method restore($path, $archive, $destination) {
$destination = App::BorgRestore::Helper::untaint($destination, qr(.*));
$path = App::BorgRestore::Helper::untaint($path, qr(.*));
- my $archive_name = App::BorgRestore::Helper::untaint_archive_name($archive->{archive});
$log->infof("Restoring %s to %s from archive %s", $path, $destination, $archive->{archive});
@@ -346,7 +345,7 @@ method restore($path, $archive, $destination) {
$final_destination = App::BorgRestore::Helper::untaint($final_destination, qr(.*));
$log->debugf("Removing %s", $final_destination);
File::Path::remove_tree($final_destination);
- $self->{deps}->{borg}->restore($components_to_strip, $archive_name, $path);
+ $self->{deps}->{borg}->restore($components_to_strip, $archive->{archive}, $path);
}
$log->debugf("CWD is %s", getcwd());
}
diff --git a/lib/App/BorgRestore/Borg.pm b/lib/App/BorgRestore/Borg.pm
index def6b9c..24c0608 100644
--- a/lib/App/BorgRestore/Borg.pm
+++ b/lib/App/BorgRestore/Borg.pm
@@ -116,6 +116,7 @@ method borg_list_time() {
method restore($components_to_strip, $archive_name, $path) {
$log->debugf("Restoring '%s' from archive %s, stripping %d components of the path", $path, $archive_name, $components_to_strip);
+ $archive_name = App::BorgRestore::Helper::untaint($archive_name, qr(.*));
system(qw(borg extract -v --strip-components), $components_to_strip, $self->{borg_repo}."::".$archive_name, $path);
}
diff --git a/lib/App/BorgRestore/DB.pm b/lib/App/BorgRestore/DB.pm
index fe85c4d..cb51ce1 100644
--- a/lib/App/BorgRestore/DB.pm
+++ b/lib/App/BorgRestore/DB.pm
@@ -125,10 +125,8 @@ method get_archive_row_count() {
}
method add_archive_name($archive) {
- $archive = App::BorgRestore::Helper::untaint_archive_name($archive);
-
my $st = $self->{dbh}->prepare('insert into `archives` (`archive_name`) values (?);');
- $st->execute($archive);
+ $st->execute(App::BorgRestore::Helper::untaint($archive, qr(.*)));
$self->_add_column_to_table("files", $archive);
}
@@ -139,8 +137,6 @@ method _add_column_to_table($table, $column) {
}
method remove_archive($archive) {
- $archive = App::BorgRestore::Helper::untaint_archive_name($archive);
-
my $archive_id = $self->get_archive_id($archive);
my @keep_archives = grep {$_ ne $archive;} @{$self->get_archive_names()};
@@ -172,7 +168,7 @@ method remove_archive($archive) {
}
my $st = $self->{dbh}->prepare('delete from `archives` where `archive_name` = ?;');
- $st->execute($archive);
+ $st->execute(App::BorgRestore::Helper::untaint($archive, qr(.*)));
}
method get_archive_id($archive) {
diff --git a/lib/App/BorgRestore/Helper.pm b/lib/App/BorgRestore/Helper.pm
index 869d4ee..7df250d 100644
--- a/lib/App/BorgRestore/Helper.pm
+++ b/lib/App/BorgRestore/Helper.pm
@@ -23,10 +23,6 @@ fun untaint($data, $regex) {
return $1;
}
-fun untaint_archive_name($archive) {
- return untaint($archive, qr([a-zA-Z0-9-:+\.]+));
-}
-
fun format_timestamp($timestamp) {
return POSIX::strftime "%a. %F %H:%M:%S %z", localtime $timestamp;
}
diff --git a/t/helper/untaint.t b/t/helper/untaint.t
deleted file mode 100644
index 0c2e36a..0000000
--- a/t/helper/untaint.t
+++ /dev/null
@@ -1,19 +0,0 @@
-use strictures 2;
-
-use Log::Any::Adapter ('TAP');
-use Test::More;
-use Test::Exception;
-
-use App::BorgRestore::Helper;
-
-ok(App::BorgRestore::Helper::untaint_archive_name('abc-1234:5+1') eq 'abc-1234:5+1');
-ok(App::BorgRestore::Helper::untaint_archive_name('abc') eq 'abc');
-ok(App::BorgRestore::Helper::untaint_archive_name('root-2016-09-30T15+02:00.checkpoint') eq 'root-2016-09-30T15+02:00.checkpoint');
-
-dies_ok(sub{App::BorgRestore::Helper::untaint_archive_name('abc`"\'')}, 'special chars not allowed');
-dies_ok(sub{App::BorgRestore::Helper::untaint_archive_name('abc`')}, 'special chars not allowed');
-dies_ok(sub{App::BorgRestore::Helper::untaint_archive_name('abc"')}, 'special chars not allowed');
-dies_ok(sub{App::BorgRestore::Helper::untaint_archive_name('abc\'')}, 'special chars not allowed');
-
-
-done_testing;