diff options
| author | Russ Allbery <rra@stanford.edu> | 2007-08-31 02:43:03 +0000 | 
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2007-08-31 02:43:03 +0000 | 
| commit | bed43bb9880622d0c911336ad8b1c266eca244fc (patch) | |
| tree | 18e85dc93c0f31c110bfa348d9d40c574ed0909b /server | |
| parent | f13e24eb2e01ecb6d6d9f0fca35ad5d22b47d248 (diff) | |
Implement argument checking.  Stop explicitly including the MySQL driver
since DBI doesn't require it.
Diffstat (limited to 'server')
| -rwxr-xr-x | server/wallet-backend | 28 | 
1 files changed, 27 insertions, 1 deletions
| diff --git a/server/wallet-backend b/server/wallet-backend index e8617cd..6fed995 100755 --- a/server/wallet-backend +++ b/server/wallet-backend @@ -14,12 +14,38 @@ our $ID = q$Id$;  use strict;  use DBI; -use DBD::MySQL;  use Sys::Syslog qw(openlog syslog);  use Wallet::Config;  use Wallet::Server;  ############################################################################## +# Parameter checking +############################################################################## + +# Check all arguments against a very restricted set of allowed characters and +# to ensure the right number of arguments are taken.  The arguments are the +# number of arguments expected, a reference to an array of which argument +# numbers shouldn't be checked, and then the arguments. +# +# This function is probably temporary and will be replaced with something that +# knows more about the syntax of each command and can check more things. +sub check_args { +    my ($count, $exclude, @args) = @_; +    if (@args < $count) { +        die "insufficient arguments\n"; +    } elsif (@args > $count) { +        die "too many arguments\n"; +    } +    my %exclude = map { $_ => 1 } @$exclude; +    for (my $i = 1; $i <= @args; $i++) { +        next if $exclude{$i}; +        unless ($args[$i - 1] =~ m,^[\w_/.-]+\z,) { +            die "invalid characters in argument: $args[$i - 1]\n"; +        } +    } +} + +##############################################################################  # Implementation  ############################################################################## | 
