From 245b3fc019642f1f2b47918f67a4aa22bcf4860d Mon Sep 17 00:00:00 2001
From: Kroese <kroese@users.noreply.github.com>
Date: Fri, 19 Jan 2024 04:28:03 +0100
Subject: [PATCH] fix: Sanitize filename (#55)
---
src/install.sh | 29 +++++++++++------------------
1 file changed, 11 insertions(+), 18 deletions(-)
diff --git a/src/install.sh b/src/install.sh
index bfbb583..06f0761 100644
--- a/src/install.sh
+++ b/src/install.sh
@@ -48,16 +48,22 @@ fi
MSG="Please wait while Windows is being started..."
-if [ ! -f "$STORAGE/custom.iso" ]; then
+BASE="custom.iso"
+if [ ! -f "$STORAGE/$BASE" ]; then
+
if [[ "$EXTERNAL" != [Yy1]* ]]; then
- if [ ! -f "$STORAGE/$VERSION.iso" ]; then
+ BASE="$VERSION.iso"
+ if [ ! -f "$STORAGE/$BASE" ]; then
MSG="Please wait while Windows is being downloaded..."
fi
else
- BASE=$(basename "$VERSION")
+ BASE=$(basename "${VERSION%%\?*}")
+ : "${BASE//+/ }"; printf -v BASE '%b' "${_//%/\\x}"
+ BASE=$(echo "$BASE" | sed -e 's/[^A-Za-z0-9._-]/_/g')
+
if [ ! -f "$STORAGE/$BASE" ]; then
MSG="Please wait while '$BASE' is being downloaded..."
fi
@@ -68,19 +74,6 @@ fi
# Display wait message
/run/server.sh "Windows" "$MSG" &
-BASE="custom.iso"
-[ -f "$STORAGE/$BASE" ] && return 0
-
-if [[ "$EXTERNAL" != [Yy1]* ]]; then
-
- BASE="$VERSION.iso"
-
-else
-
- BASE=$(basename "$VERSION")
-
-fi
-
[ -f "$STORAGE/$BASE" ] && return 0
TMP="$STORAGE/tmp"
@@ -250,8 +243,6 @@ else
[ -n "$XML" ] && error "Warning: XML file '$XML' does not exist, $FB" && echo
fi
-info "Generating new ISO image for installation..."
-
ETFS="boot/etfsboot.com"
EFISYS="efi/microsoft/boot/efisys_noprompt.bin"
@@ -264,6 +255,8 @@ if [ -f "$DIR/$ETFS" ]; then
ISO="$TMP/$LABEL.tmp"
rm -f "$ISO"
+ info "Generating new ISO image for installation..."
+
genisoimage -b "$ETFS" -no-emul-boot -c "$CAT" -iso-level 4 -J -l -D -N -joliet-long -relaxed-filenames -quiet -V "$LABEL" -udf \
-boot-info-table -eltorito-alt-boot -eltorito-boot "$EFISYS" -no-emul-boot -o "$ISO" -allow-limited-size "$DIR"