From 127e0ffe22cbc7aefcb5e659f1bb08b062823ab8 Mon Sep 17 00:00:00 2001 From: Seednode Date: Sun, 31 Dec 2023 16:04:54 -0600 Subject: [PATCH] Restrict --admin-prefix values to same character set as --ignore-file --- cmd/errors.go | 4 ++-- cmd/files.go | 2 -- cmd/root.go | 8 ++++---- 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/cmd/errors.go b/cmd/errors.go index 00e20b8..807ae8d 100644 --- a/cmd/errors.go +++ b/cmd/errors.go @@ -16,11 +16,11 @@ import ( ) var ( - ErrInvalidAdminPrefix = errors.New("admin path must not contain a '/'") + ErrInvalidAdminPrefix = errors.New("admin path must match the pattern " + AllowedCharacters) ErrInvalidConcurrency = errors.New("concurrency limit must be between 1 and 8192 inclusive") ErrInvalidFileCountRange = errors.New("maximum file count limit must be greater than or equal to minimum file count limit") ErrInvalidFileCountValue = errors.New("file count limits must be non-negative integers no greater than 2147483647") - ErrInvalidIgnoreFile = errors.New("ignore filename must match the pattern " + ignoreFilePattern) + ErrInvalidIgnoreFile = errors.New("ignore filename must match the pattern " + AllowedCharacters) ErrInvalidPort = errors.New("listen port must be an integer between 1 and 65535 inclusive") ErrNoMediaFound = errors.New("no supported media formats found which match all criteria") ) diff --git a/cmd/files.go b/cmd/files.go index d7b0c2f..55f69da 100644 --- a/cmd/files.go +++ b/cmd/files.go @@ -22,8 +22,6 @@ import ( "seedno.de/seednode/roulette/types" ) -const ignoreFilePattern string = `^[A-z0-9.\-_]+$` - type regexes struct { alphanumeric *regexp.Regexp filename *regexp.Regexp diff --git a/cmd/root.go b/cmd/root.go index 2aaef1e..fa3ff33 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -8,13 +8,13 @@ import ( "log" "math" "regexp" - "strings" "github.com/spf13/cobra" ) const ( - ReleaseVersion string = "3.5.2" + AllowedCharacters string = `^[A-z0-9.\-_]+$` + ReleaseVersion string = "3.5.3" ) var ( @@ -79,9 +79,9 @@ var ( return ErrInvalidPort case Concurrency < 1 || Concurrency > 8192: return ErrInvalidConcurrency - case Ignore && !regexp.MustCompile(ignoreFilePattern).MatchString(IgnoreFile): + case Ignore && !regexp.MustCompile(AllowedCharacters).MatchString(IgnoreFile): return ErrInvalidIgnoreFile - case strings.Contains(AdminPrefix, "/"): + case AdminPrefix != "" && !regexp.MustCompile(AllowedCharacters).MatchString(AdminPrefix): return ErrInvalidAdminPrefix case AdminPrefix != "": AdminPrefix = "/" + AdminPrefix