Harden export_debian_orig_from_git a bit

mlschroe · mlschroe · commit ac197fdc2415 · 2024-11-11T14:12:44.000+01:00
Make sure the name/version from the control file only include
allowed characters like defined in the debian policy documentation.
diff --git a/build b/build
@@ -867,6 +867,7 @@ copy_sources() {
 	done
 	if test -f "$1/debian/control" ; then
 	    echo "exporting debian orig tarballs"
+	    rm -rf "$2/build.origtar"
 	    $BUILD_DIR/export_debian_orig_from_git "$1" "$2/build.origtar" || cleanup_and_exit 1 "export_debian_orig_from_git failed"
 	fi
     else
diff --git a/export_debian_orig_from_git b/export_debian_orig_from_git
@@ -38,6 +38,7 @@ sub get_pristine_commit {
 
 sub export_blob {
   my ($blob, $out) = @_;
+  unlink($out);		# just in case
   my $fd;
   my $pid = open($fd, '|-');
   die("fork: $!\n") unless defined $pid;
@@ -86,6 +87,9 @@ my ($name, $version) = get_name_version();
 die("Could not determine name and version\n") unless defined $version;
 $version =~ s/-.*?$//;	# strip release
 
+# verify name/version and construct tar filename
+die("Bad package name in changelog\n") unless $name =~ /^[a-zA-Z][a-zA-Z0-9+\-\.]+$/s;
+die("Bad package version in changelog\n") unless $version =~ /^[a-zA-Z0-9][a-zA-Z0-9:~+\-\.]*$/s;
 my $tarfile = "${name}_$version.orig.tar";
 
 my $tag = $version;
@@ -94,6 +98,7 @@ $tag =~ s/:/%/g;
 $tag = "upstream/$tag";
 
 # export the (uncompressed) tar archive
+unlink("$to/$tarfile");		# just in case
 system('git', 'archive', '--format=tar', "--prefix=$name-$version/", "--output=$to/$tarfile", $tag) && die("git archive $tag failed: $?\n");
 
 # export pristine-tar entries if present
