From e4fa5bb4891f855c67c6198d8f56817717592986 Mon Sep 17 00:00:00 2001
From: Mitchell Hashimoto <mitchell.hashimoto@gmail.com>
Date: Sat, 5 May 2012 20:01:14 -0700
Subject: [PATCH] Validate that commands only contain proper characters

---
 lib/vagrant/plugin/v1.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/lib/vagrant/plugin/v1.rb b/lib/vagrant/plugin/v1.rb
index 3d3737ac6..aa09e5ff2 100644
--- a/lib/vagrant/plugin/v1.rb
+++ b/lib/vagrant/plugin/v1.rb
@@ -4,6 +4,13 @@ module Vagrant
   module Plugin
     # The superclass for version 1 plugins.
     class V1
+      # Exceptions that can be thrown within the plugin interface all
+      # inherit from this parent exception.
+      class Error < StandardError; end
+
+      # This is thrown when a command name given is invalid.
+      class InvalidCommandName < Error; end
+
       LOGGER = Log4r::Logger.new("vagrant::plugin::v1")
 
       # Returns a list of registered plugins for this version.
@@ -66,6 +73,11 @@ module Vagrant
       def self.command(name=UNSET_VALUE, &block)
         data[:command] ||= Registry.new
 
+        # Validate the name of the command
+        if name.to_s !~ /^[-a-z0-9]/i
+          raise InvalidCommandName, "Commands can only contain letters, numbers, and hyphens"
+        end
+
         # Register a new command class only if a name was given.
         data[:command].register(name.to_sym, &block) if name != UNSET_VALUE