Marc S. Weidner
3983b149e6
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m57s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
93 lines
3.6 KiB
Bash
93 lines
3.6 KiB
Bash
#!/bin/bash
|
|
# SPDX-Version: 3.0
|
|
# SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
|
|
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
|
|
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
|
|
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
|
|
# SPDX-FileType: SOURCE
|
|
# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
|
|
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
|
|
# SPDX-PackageName: CISS.debian.installer
|
|
# SPDX-Security-Contact: security@coresecret.eu
|
|
|
|
guard_sourcing
|
|
|
|
#######################################
|
|
# Argument Check Wrapper.
|
|
# Arguments:
|
|
# 1: "$@" of ./setup.sh
|
|
#######################################
|
|
arg_check() {
|
|
declare a
|
|
declare sanitized_args=()
|
|
for a in "$@"; do
|
|
sanitized_args+=("$( sanitize_arg "${a}")")
|
|
done
|
|
set -- "${sanitized_args[@]}"
|
|
}
|
|
|
|
#######################################
|
|
# Function to sanitize a single argument
|
|
# Globals:
|
|
# C_RED
|
|
# C_RES
|
|
# ERR_UNSAFE_CHARACTER
|
|
# LOG_ERROR
|
|
# NL
|
|
# VAR_IN_DIALOG_WR
|
|
# Arguments:
|
|
# 1: Argument to be sanitized.
|
|
#######################################
|
|
sanitize_arg() {
|
|
declare input="${1}"
|
|
declare disallowed_ctrl=""
|
|
### Step 1: Check for control characters
|
|
if printf '%s' "${input}" | grep -qP '[[:cntrl:]]'; then
|
|
disallowed_ctrl=$(printf '%s' "${input}" | sed -n 's/[^[:cntrl:]]//gp' | sed $'s/./&\\n/g' \
|
|
| while read -r c; do printf "%02X " "'$c"; done)
|
|
{
|
|
printf "❌ Control character : '%s'. %s" "${disallowed_ctrl}" "${NL}"
|
|
printf "❌ in argument : '%s'. %s" "${input}" "${NL}"
|
|
printf "❌ Allowed Characters : 'a-z A-Z 0-9 . _ / = [ ] : \" - + space' %s" "${NL}"
|
|
printf "%s" "${NL}"
|
|
} >> "${LOG_ERROR}"
|
|
case "${VAR_IN_DIALOG_WR}" in
|
|
box ) dialog_box_cleaner ;;
|
|
gauge ) dialog_gauge_cleaner ;;
|
|
esac
|
|
printf "%s❌ Control character : '%s'. %s%s" "${C_RED}" "${disallowed_ctrl}" "${C_RES}" "${NL}" >&2
|
|
printf "%s❌ in argument : '%s'. %s%s" "${C_RED}" "${input}" "${C_RES}" "${NL}" >&2
|
|
printf "%s❌ Allowed Characters : 'a-z A-Z 0-9 . _ / = [ ] : \" - + space' %s%s" "${C_RED}" "${C_RES}" "${NL}" >&2
|
|
# shellcheck disable=SC2162
|
|
read -p $'\e[92m✅ Press \'ENTER\' to exit the script ... \e[0m'
|
|
exit "${ERR_UNSAFE_CHARACTER}"
|
|
fi
|
|
|
|
### Step 2: Define allowed characters:
|
|
### letters, digits, dot, underscore, slash, equals, [, ], colon, double-quote, hyphen, space.
|
|
declare allowed='a-zA-Z0-9._/=\[\]:"\-+ '
|
|
declare disallowed
|
|
disallowed=$(printf '%s' "${input}" | tr -d "${allowed}")
|
|
if [[ -n ${disallowed} ]]; then
|
|
{
|
|
printf "❌ Invalid character : '%s'. %s" "${disallowed//?/& }" "${NL}"
|
|
printf "❌ in argument : '%s'. %s" "${input}" "${NL}"
|
|
printf "❌ Allowed Characters : 'a-z A-Z 0-9 . _ / = [ ] : \" - + space' %s" "${NL}"
|
|
printf "%s" "${NL}"
|
|
} >> "${LOG_ERROR}"
|
|
case "${VAR_IN_DIALOG_WR}" in
|
|
box ) dialog_box_cleaner ;;
|
|
gauge ) dialog_gauge_cleaner ;;
|
|
esac
|
|
printf "%s❌ Invalid character : '%s'. %s%s" "${C_RED}" "${disallowed//?/& }" "${C_RES}" "${NL}" >&2
|
|
printf "%s❌ in argument : '%s'. %s%s" "${C_RED}" "${input}" "${C_RES}" "${NL}" >&2
|
|
printf "%s❌ Allowed Characters : 'a-z A-Z 0-9 . _ / = [ ] : \" - + space' %s%s" "${C_RED}" "${C_RES}" "${NL}" >&2
|
|
# shellcheck disable=SC2162
|
|
read -p $'\e[92m✅ Press \'ENTER\' to exit the script ... \e[0m'
|
|
exit "${ERR_UNSAFE_CHARACTER}"
|
|
else
|
|
printf '%s' "${input}"
|
|
fi
|
|
}
|
|
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|