From 8cdc0f33eb6489953376fb5394b4dfaf4c2229c1 Mon Sep 17 00:00:00 2001
From: "Kyle J. McKay" <mackyle@gmail.com>
Date: Wed, 3 Mar 2021 22:17:55 -0700
Subject: [PATCH] Girocco/Dumper.pm: make GetConfPath more paranoid

Believe it or not, some systems respond to this:

    /usr/bin/getconf PATH

With something like this:

    /usr/bin:/bin:/usr/sbin:/sbin:

Notice the bogus extra ":" on the end!  That would cause
the current directory to be searched!

Process the value returned by `getconf PATH` to expunge
any non-absolute-path directories and any paths that contain
a '/.' sequence to make sure the result is reasonably secure.

Signed-off-by: Kyle J. McKay <mackyle@gmail.com>
---
 Girocco/Dumper.pm | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/Girocco/Dumper.pm b/Girocco/Dumper.pm
index d7a7f60..8307f3b 100644
--- a/Girocco/Dumper.pm
+++ b/Girocco/Dumper.pm
@@ -193,11 +193,15 @@ sub FreezeConfig {
 }
 
 sub GetConfPath {
+	local ($ENV{IFS}, $ENV{CDPATH}, $ENV{ENV}, $ENV{BASH_ENV});
 	local $ENV{PATH} = "/usr/bin:/bin";
 	my $cs_path = qx(getconf PATH 2>/dev/null);
-	defined($cs_path) and chomp $cs_path;
-	defined($cs_path) && $cs_path ne "" or
-	$cs_path = $ENV{PATH};
+	defined($cs_path) or $cs_path = "";
+	chomp $cs_path; $cs_path =~ s/^\s+//; $cs_path =~ s/\s+$//;
+	$cs_path = join(":", grep(!m{/[.]}, grep(m{^/.},
+		split(/\s*:+\s*/, $cs_path))));
+	$cs_path =~ m{^(/.+)$} and $cs_path = $1;
+	$cs_path ne "" or $cs_path = $ENV{PATH};
 	return $cs_path;
 }
 
-- 
2.11.4.GIT