X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;ds=sidebyside;f=tools%2Fdebianqueued-0.9%2Fdebianqueued;h=f9da96fa69f8776f7f8f3e65f67daaaf5fbeb6c9;hb=10e1a17a6c7c0dbfc3a7b20f37a23ee153b25b66;hp=45f1242781fe7bc54948fa66a19ad215957b2e22;hpb=9b194c0a49096be2d659906c98500d2981b75b53;p=dak.git

diff --git a/tools/debianqueued-0.9/debianqueued b/tools/debianqueued-0.9/debianqueued
index 45f12427..f9da96fa 100755
--- a/tools/debianqueued-0.9/debianqueued
+++ b/tools/debianqueued-0.9/debianqueued
@@ -1708,6 +1708,13 @@ sub pgp_check($) {
   my $stat;
   local (*PIPE);
 
+  if ($file =~ /^([-\w.+~]+)$/) {
+    $file = $1;
+  } else {
+    msg( "log", "Tainted filename, skipping: $file\n" );
+    return "LOCAL ERROR";
+  }
+
   $stat = 1;
   if ( -x $conf::gpg ) {
     debug(   "executing $conf::gpg --no-options --batch "