Closed jrguzman-intel closed 7 years ago
+1, pending the changes from #16 being merged.
This change also requires a format bump, because the system() calls need removing in swupd-client first, as addressed in clearlinux/swupd-client#74
The blocking client changes are now tracked at clearlinux/swupd-client#144.
I'm reconsidering this patch. It's true that by removing the use of system()
in swupd-client, the special characters interpreted by the shell no longer need to be filtered out from manifests. But I think we should still ban characters if they compromise manifest structure.
Namely, I think we should ban '\n'
, since the files in a manifest are newline-separated.
https://github.com/clearlinux/swupd-server/pull/16 must be discussed first.
Not merging due to https://github.com/clearlinux/swupd-client/pull/144.
@tmarcu I think we need to open a new issue, because the illegal character list requires revision. At minimum, we need to add '\n'
to the list, because its presence would corrupt manifest structure.
After replacing system() for system_argv() calls, no more filter for special characteres needed for filenames.
-> This patch must be merged after pull request #16 <-
Signed-off-by: Jose R Guzman jose.r.guzman.mosqueda@intel.com