i have script orchestrates number of processes, of create logs in location defined in parameter file (ie separate script). prior running processes, script empties log location e.g.
rem logloc loaded parameter file del /f /q /s %logloc%\*.* clearly dangerous. if reason logloc incorrectly defined, catastrophic. modified script add safety...
if "%logloc%" equ "" ( echo fatal error: logloc not defined exit /b 1 ) del /f /q /s %logloc%\*.* ... not account instances logloc might accidentally defined '.' or '..'.
is there better pattern checking parameter before using in potentially harmful way?
edit: i'm adding following validation rules suggested fejese.
- check it's @ least 4 chars in length e.g. c:\l
- validate char 1 in a-z
- validate chars 2,3 = :\
- validate path exists , directory
if can figure these out post results credit go fejese pointing me in right direction...
there no way script tell whether parameter got safe or not, unless set rules.
- you hard code prefix in script has matched.
- you restrict delete pattern remove log files example.
Comments
Post a Comment