From 239282d5aab7e40c5a9538aa14887658f70aacda Mon Sep 17 00:00:00 2001
From: Marco Ratto <marco.ratto@jrc.ec.europa.eu>
Date: Fri, 10 Feb 2012 22:06:49 +0100
Subject: [PATCH] added special checksum security checks before removing remote
 directory

---
 matlab/parallel/dynareParallelRmDir.m | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/matlab/parallel/dynareParallelRmDir.m b/matlab/parallel/dynareParallelRmDir.m
index fbdf3ad39..e52786eed 100644
--- a/matlab/parallel/dynareParallelRmDir.m
+++ b/matlab/parallel/dynareParallelRmDir.m
@@ -35,10 +35,28 @@ if nargin ==0,
     return
 end
 
+% security check of remote folder delete
+ok(1)=isempty(strfind(Parallel_info.RemoteTmpFolder,'..'));
+tmp1=strfind(Parallel_info.RemoteTmpFolder,'2');
+ok(2)=tmp1(1)==1;
+ok(3)=~isempty(strfind(Parallel_info.RemoteTmpFolder,'-'));
+ok(4)=~isempty(strfind(Parallel_info.RemoteTmpFolder,'h'));
+ok(5)=~isempty(strfind(Parallel_info.RemoteTmpFolder,'m'));
+ok(6)=~isempty(strfind(Parallel_info.RemoteTmpFolder,'s'));
+ok(7)=~isempty(PRCDir);
+
+if sum(ok)<7,
+    error('The name of the remote tmp folder does not comply the security standards!'),
+end
+
 for indPC=1:length(Parallel),
+    ok(1)=isempty(strfind(Parallel(indPC).RemoteDirectory,'..'));
+    if sum(ok)<7,
+        error('The remote folder path structure does not comply the security standards!'),
+    end
     while (1)
         if ~ispc
-            stat = system(['ssh ',Parallel(indPC).UserName,'@',Parallel(indPC).ComputerName,' rm -fr ',Parallel(indPC).RemoteDirectory,'/',PRCDir]);
+            [stat NonServe] = system(['ssh ',Parallel(indPC).UserName,'@',Parallel(indPC).ComputerName,' rm -fr ',Parallel(indPC).RemoteDirectory,'/',PRCDir]);
             break;
         else
             if exist('OCTAVE_VERSION'), % Patch for peculiar behaviour of rmdir under Windows.
-- 
GitLab