From aa87d67258a5b6742fc53d06c7bdac0f643bc9f1 Mon Sep 17 00:00:00 2001
From: Ch3LL <megan.wilhite@gmail.com>
Date: Tue, 1 Aug 2017 13:44:32 -0400
Subject: [PATCH] Add clean_id function to salt.utils.verify.py

---
 salt/utils/verify.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/salt/utils/verify.py b/salt/utils/verify.py
index 5cac0fa651b..a3dc67db336 100644
--- a/salt/utils/verify.py
+++ b/salt/utils/verify.py
@@ -484,12 +484,21 @@ def clean_path(root, path, subdir=False):
     return ''
 
 
+def clean_id(id_):
+    '''
+    Returns if the passed id is clean.
+    '''
+    if re.search(r'\.\.{sep}'.format(sep=os.sep), id_):
+        return False
+    return True
+
+
 def valid_id(opts, id_):
     '''
     Returns if the passed id is valid
     '''
     try:
-        return bool(clean_path(opts['pki_dir'], id_))
+        return bool(clean_path(opts['pki_dir'], id_)) and clean_id(id_)
     except (AttributeError, KeyError) as e:
         return False