I was trying to restore a backup via thumb drive and I've found that the restore script doesn't allow spaces in the filename. It fails on several lines because the filename isn't surrounded by quotes, breaking the commands with "invalid parameters".
For testing purposes, I changed the /etc/init.d/rc3.d/S50restore script and the diff bellow seems to handle correctly those filenames now.
--- S50restore.orig 2012-11-28 11:25:36.445770820 -0200
+++ S50restore.new 2012-11-28 11:28:20.113773205 -0200
@@ -24,12 +24,12 @@
local DIR=${1?} REMOVE=$2 ABF FILE LOCK
for ABF in $DIR/*.abf; do
- test -r $ABF || break
+ test -r "$ABF" || break
FILE=${ABF##*/}
LOCK=/var/lock/restore-${FILE%.abf}.lock
- test -r $LOCK && return 1
+ test -r "$LOCK" && return 1
test -z "$REMOVE" && touch $LOCK
if test ${#FILE} -le 48; then
echo -n "($FILE)"
@@ -37,9 +37,9 @@
echo -n "(${FILE:0:45}...)"
fi
- $BACKUP -i $ABF > /dev/null 2>&1
+ $BACKUP -i "$ABF" > /dev/null 2>&1
rc_status -v
- test -n "$REMOVE" && rm -f $ABF /var/restore/restore.ini
+ test -n "$REMOVE" && rm -f "$ABF" /var/restore/restore.ini
return 0
done
I was wonder, though, if the missing quotes wouldn't allow some sort of code injection through a maliciously crafted filename. Since it is automatically executed after a reboot, it would allow a very stealhy cracking for anyone with access to the box.
Thank you!
This thread was automatically locked due to age.