Index: usr.sbin/periodic/periodic.sh
===================================================================
--- usr.sbin/periodic/periodic.sh
+++ usr.sbin/periodic/periodic.sh
@@ -17,11 +17,11 @@
 output_pipe()
 {
     # Where's our output going ?
-    eval output=\$${1##*/}_output
+    eval output=\$$(basename $1)_output
     case "$output" in
     /*) pipe="cat >>$output";;
     "") pipe=cat;;
-    *)  pipe="mail -E -s '$host ${2}${2:+ }${1##*/} run output' $output";;
+    *)  pipe="mail -E -s '$host ${2}${2:+ }$(basename $1) run output' $output";;
     esac
     eval $pipe
 }
@@ -48,7 +48,7 @@
 if [ $1 != "LOCKED" ]; then
     ret=0
     for arg; do
-        lockfile=/var/run/periodic.${arg##*/}.lock
+        lockfile=/var/run/periodic.$(basename $arg).lock
         lockf -t 0 "${lockfile}" /bin/sh $0 LOCKED "$arg"
         case $? in
         0) ;;
@@ -58,7 +58,7 @@
             ret=1
             ;;
         75) #EX_TEMPFAIL
-            echo "$host ${arg##*/} prior run still in progress" | \
+            echo "$host $(basename $arg) prior run still in progress" | \
                 output_pipe $arg "$PERIODIC"
             ret=1
             ;;
@@ -76,6 +76,15 @@
 shift
 arg=$1
 
+# Test to make sure that the base directory has a valid name. Since
+# the configuration file uses this name in sh(1) variables, it must
+# only contain alphanumerics and underscore, and can't start with a
+# number.
+if echo $(basename $arg) | grep -Eqv ^[a-zA-Z_][a-zA-Z0-9_]*$; then
+    echo "$0: $(basename $arg) is not a valid directory name - must be a valid sh(1) variable name" >&2
+    exit 1
+fi
+
 if [ -z "$PERIODIC_ANTICONGESTION_FILE" ] ; then
 	export PERIODIC_ANTICONGESTION_FILE=`mktemp ${TMPDIR:-/tmp}/periodic.anticongestion.XXXXXXXXXX`
 	remove_periodic_anticongestion_file=yes
@@ -97,7 +106,7 @@
 
 success=YES info=YES badconfig=NO empty_output=YES	# Defaults when ${run}_* aren't YES/NO
 for var in success info badconfig empty_output; do
-    case $(eval echo "\$${arg##*/}_show_$var") in
+    case $(eval echo "\$$(basename $arg)_show_$var") in
     [Yy][Ee][Ss]) eval $var=YES;;
     [Nn][Oo])     eval $var=NO;;
     esac
@@ -115,6 +124,10 @@
     for top in /etc/periodic ${local_periodic}; do
         [ -d $top/$arg ] && dirlist="$dirlist $top/$arg"
     done
+    if [ -z "$dirlist" ]; then
+        echo "$0: $arg not found" >&2
+        exit 1
+    fi
     ;;
 esac