diff options
| author | Patrick McDermott <patrick.mcdermott@libiquity.com> | 2019-03-13 18:50:33 (EDT) |
|---|---|---|
| committer | Patrick McDermott <patrick.mcdermott@libiquity.com> | 2019-03-13 18:53:16 (EDT) |
| commit | 575858a3709d03b6348add5721cd02e320b424bf (patch) | |
| tree | 3dfe629809b67e2ace96fe959d04bf9795f4a8c5 | |
| parent | bfc5e48be90383aea647a061b8d97518c4274551 (diff) | |
Protect against cmd operands beginning with "-"
| -rw-r--r-- | TODO | 2 | ||||
| -rw-r--r-- | lib/changelog.sh | 2 | ||||
| -rw-r--r-- | lib/control.sh | 2 | ||||
| -rw-r--r-- | lib/metadata/proteanos.sh | 4 | ||||
| -rw-r--r-- | lib/package.sh | 4 | ||||
| -rw-r--r-- | lib/package/2.sh | 2 | ||||
| -rw-r--r-- | src/ob-buildopk.sh | 4 | ||||
| -rw-r--r-- | src/ob-gencontrol.sh | 8 | ||||
| -rw-r--r-- | src/ob-installdocs.sh | 14 | ||||
| -rw-r--r-- | src/ob-installplatconf.sh | 6 | ||||
| -rw-r--r-- | src/ob-unpacksource.sh | 2 | ||||
| -rw-r--r-- | src/opkbuild.sh | 9 |
12 files changed, 29 insertions, 30 deletions
@@ -5,8 +5,6 @@ General Cleanup --------------- * General code auditing and cleanup: - - Protect against command operands beginning with "-", e.g.: - * `mkdir -p -- "${foo}"` instead of `mkdir -p "${foo}"` - Add more error handling. * Write manual pages for functions and utilities. * Change/update option letters for `ob_parse_dep()`. diff --git a/lib/changelog.sh b/lib/changelog.sh index 606282e..00e8332 100644 --- a/lib/changelog.sh +++ b/lib/changelog.sh @@ -184,7 +184,7 @@ ob_parse_changelog() ;; esac done <<-EOF - $(cat "${file}") + $(cat -- "${file}") EOF if [ x"${expect}" != x'next_or_eof' ]; then diff --git a/lib/control.sh b/lib/control.sh index 6e199de..7b2d57d 100644 --- a/lib/control.sh +++ b/lib/control.sh @@ -151,7 +151,7 @@ ob_parse_control() ;; esac done <<-EOF - $(cat "${file}") + $(cat -- "${file}") EOF if [ -n "${name}" ]; then diff --git a/lib/metadata/proteanos.sh b/lib/metadata/proteanos.sh index 6368668..2519433 100644 --- a/lib/metadata/proteanos.sh +++ b/lib/metadata/proteanos.sh @@ -104,14 +104,14 @@ _ob_get_distrev() _ob_get_system_arch() { - cat "${SYSCONFDIR}/proteanos_arch" 2>/dev/null || return 1 + cat -- "${SYSCONFDIR}/proteanos_arch" 2>/dev/null || return 1 return 0 } _ob_get_system_plat() { - cat "${SYSCONFDIR}/proteanos_plat" 2>/dev/null || return 1 + cat -- "${SYSCONFDIR}/proteanos_plat" 2>/dev/null || return 1 return 0 } diff --git a/lib/package.sh b/lib/package.sh index 0ade56a..d66d596 100644 --- a/lib/package.sh +++ b/lib/package.sh @@ -28,10 +28,10 @@ ob_init_package() local dir="${1}" shift 1 || _ob_abort - _OB_PACKAGE_DIR="$(cd "${dir}" && pwd)" + _OB_PACKAGE_DIR="$(cd -- "${dir}" && pwd)" if [ -r "${_OB_PACKAGE_DIR}/format" ]; then - case "$(cat "${_OB_PACKAGE_DIR}/format")" in + case "$(cat -- "${_OB_PACKAGE_DIR}/format")" in 2.0) _OB_PACKAGE_FORMAT='2' ;; diff --git a/lib/package/2.sh b/lib/package/2.sh index 3e362f4..345eac3 100644 --- a/lib/package/2.sh +++ b/lib/package/2.sh @@ -139,7 +139,7 @@ _ob_get_doc_files_2() ../changelog changelog.dist ../README README.dist EOF - cat "${_OB_PACKAGE_DIR}/${doc_pkg}.pkg/docs" + cat -- "${_OB_PACKAGE_DIR}/${doc_pkg}.pkg/docs" return 0 } diff --git a/src/ob-buildopk.sh b/src/ob-buildopk.sh index cfe7585..185cc20 100644 --- a/src/ob-buildopk.sh +++ b/src/ob-buildopk.sh @@ -28,8 +28,8 @@ build_opk() arch="${3}" plat="${4}" - (cd "${binary}.data" && tar -czf '../data.tar.gz' '.') - (cd "${binary}.control" && tar -czf '../control.tar.gz' '.') + (cd -- "${binary}.data" && tar -czf '../data.tar.gz' '.') + (cd -- "${binary}.control" && tar -czf '../control.tar.gz' '.') tar -czf "../../${binary}_${version}_${arch}_${plat}.opk" \ 'debian-binary' 'data.tar.gz' 'control.tar.gz' diff --git a/src/ob-gencontrol.sh b/src/ob-gencontrol.sh index 434e491..94c2471 100644 --- a/src/ob-gencontrol.sh +++ b/src/ob-gencontrol.sh @@ -58,7 +58,7 @@ gen_control() # patch opkg and submit a bug report. inst_size=$((($inst_size + 1023) / 1024)) - mkdir -p "${binary}.control" + mkdir -p -- "${binary}.control" cat >"${binary}.control/control" <<-EOF Package: ${binary} @@ -121,7 +121,7 @@ install_maintainer_scripts() if [ -L "../${binary}.pkg/${script}" ]; then target="$(ls -l "../${binary}.pkg/${script}")" target="${target#* -> }" - ln -s "${target}" "${binary}.control/${script}" + ln -s -- "${target}" "${binary}.control/${script}" elif [ -r "../${binary}.pkg/${script}" ]; then cp "../${binary}.pkg/${script}" "${binary}.control/${script}" chmod 755 "${binary}.control/${script}" @@ -139,7 +139,7 @@ gen_conffiles() find "${binary}.data/etc" -type f | sed "s@^${binary}.data@@" \ >"${binary}.control/conffiles" if [ -z "$(head -n 1 "${binary}.control/conffiles")" ]; then - rm -f "${binary}.control/conffiles" + rm -f -- "${binary}.control/conffiles" else chmod 644 "${binary}.control/conffiles" fi @@ -156,7 +156,7 @@ gen_md5sums() sed "s@ ${binary}.data@ @" \ >"${binary}.control/md5sums" if [ -z "$(head -n 1 "${binary}.control/md5sums")" ]; then - rm -f "${binary}.control/md5sums" + rm -f -- "${binary}.control/md5sums" else chmod 644 "${binary}.control/md5sums" fi diff --git a/src/ob-installdocs.sh b/src/ob-installdocs.sh index e594610..0b3a342 100644 --- a/src/ob-installdocs.sh +++ b/src/ob-installdocs.sh @@ -29,22 +29,22 @@ install_docs() for src in ${srcs}; do if [ -f "${src}" ]; then - if ! mkdir -p "$(dirname "${data_doc_dir}/${dest}")" + if ! mkdir -p -- "$(dirname -- "${data_doc_dir}/${dest}")" then ob_error "$(ob_get_msg 'cant_make_doc_dir')" return 1 fi - if ! cp -R "${src}" "${data_doc_dir}/${dest}"; then + if ! cp -R -- "${src}" "${data_doc_dir}/${dest}"; then ob_error "$(ob_get_msg 'cant_cp_doc_file')" "${src}" return 1 fi elif [ -d "${src}" ]; then - if ! mkdir -p "$(dirname "${data_doc_dir}/${dest}")" + if ! mkdir -p -- "$(dirname -- "${data_doc_dir}/${dest}")" then ob_error "$(ob_get_msg 'cant_make_doc_dir')" return 1 fi - if ! cp -R "${src}/." "${data_doc_dir}/${dest}"; then + if ! cp -R -- "${src}/." "${data_doc_dir}/${dest}"; then ob_error "$(ob_get_msg 'cant_cp_doc_file')" "${src}" return 1 fi @@ -80,7 +80,7 @@ main() ob_info "$(ob_get_msg 'docs_already_installed')" "${pkg}" else ob_info "$(ob_get_msg 'installing_docs')" "${pkg}" - if ! mkdir -p "${data_doc_dir}"; then + if ! mkdir -p -- "${data_doc_dir}"; then ob_error "$(ob_get_msg 'cant_make_doc_dir')" return 1 fi @@ -97,11 +97,11 @@ main() ob_info "$(ob_get_msg 'docs_already_linked')" "${pkg}" else ob_info "$(ob_get_msg 'linking_docs')" "${pkg}" - if ! mkdir -p "${data_doc_dir%/*}"; then + if ! mkdir -p -- "${data_doc_dir%/*}"; then ob_error "$(ob_get_msg 'cant_make_doc_dir')" return 1 fi - if ! ln -s "${doc_pkg_doc_dir}" \ + if ! ln -s -- "${doc_pkg_doc_dir}" \ "${data_doc_dir}"; then ob_error "$(ob_get_msg 'cant_ln_doc_dir')" return 1 diff --git a/src/ob-installplatconf.sh b/src/ob-installplatconf.sh index d980ff8..1ee90cd 100644 --- a/src/ob-installplatconf.sh +++ b/src/ob-installplatconf.sh @@ -37,8 +37,8 @@ copy_config() fi # Make sure the destination directory exists. - dir="(dirname "${dest_base}/${dest}")" - if ! mkdir -p "${dir}"; then + dir="$(dirname -- "${dest_base}/${dest}")" + if ! mkdir -p -- "${dir}"; then ob_error "$(ob_get_msg 'cant_make_config_dest_dir')" \ "${dir}" return 1 @@ -64,7 +64,7 @@ copy_config() # Copy the config file(s). ob_info "$(ob_get_msg 'copying_config_file')" "${src}" "${dest}" - if ! cp -p "${src_base}/${src}" "${dest_base}/${dest}"; then + if ! cp -p -- "${src_base}/${src}" "${dest_base}/${dest}"; then ob_error "$(ob_get_msg 'cant_copy_config_file')" return 1 fi diff --git a/src/ob-unpacksource.sh b/src/ob-unpacksource.sh index 98b2da1..0716257 100644 --- a/src/ob-unpacksource.sh +++ b/src/ob-unpacksource.sh @@ -114,7 +114,7 @@ extract_upstream() ob_error "$(ob_get_msg 'cant_unpack_upstream')" return 1 fi - if ! mv "${upstream_ar_dir}" 'src'; then + if ! mv -- "${upstream_ar_dir}" 'src'; then ob_error "$(ob_get_msg 'cant_move_native')" return 1 fi diff --git a/src/opkbuild.sh b/src/opkbuild.sh index 7392317..4c96098 100644 --- a/src/opkbuild.sh +++ b/src/opkbuild.sh @@ -245,7 +245,7 @@ build_source() src_pkg_data_base="src-${src}.data$(ob_get_system_path 'package-source' \ "${src}" "${ver}")" - if ! "${opt_uid0_cmd}" -- mkdir -p "${src_pkg_data_base}"; then + if ! "${opt_uid0_cmd}" -- mkdir -p -- "${src_pkg_data_base}"; then ob_error "$(ob_get_msg 'cant_make_src_pkg_dir')" return 1 fi @@ -255,7 +255,7 @@ build_source() ../tmp) ;; ../*) - if ! "${opt_uid0_cmd}" -- cp -Rp "${file}" \ + if ! "${opt_uid0_cmd}" -- cp -Rp -- "${file}" \ "${src_pkg_data_base}"; then ob_error "$(ob_get_msg 'cant_install_src_pkg_file')" return 1 @@ -348,12 +348,13 @@ build() return 1 ;; 'install'|'install-'*) - if ! ${opt_uid0_cmd} -- ../build "${opt_target}"; then + if ! ${opt_uid0_cmd} -- ../build -- "${opt_target}" + then return 1 fi ;; *) - if ! ../build "${opt_target}"; then + if ! ../build -- "${opt_target}"; then return 1 fi ;; |