From 575858a3709d03b6348add5721cd02e320b424bf Mon Sep 17 00:00:00 2001 From: Patrick McDermott Date: Wed, 13 Mar 2019 18:50:33 -0400 Subject: Protect against cmd operands beginning with "-" --- (limited to 'lib') diff --git a/lib/changelog.sh b/lib/changelog.sh index 606282e..00e8332 100644 --- a/lib/changelog.sh +++ b/lib/changelog.sh @@ -184,7 +184,7 @@ ob_parse_changelog() ;; esac done <<-EOF - $(cat "${file}") + $(cat -- "${file}") EOF if [ x"${expect}" != x'next_or_eof' ]; then diff --git a/lib/control.sh b/lib/control.sh index 6e199de..7b2d57d 100644 --- a/lib/control.sh +++ b/lib/control.sh @@ -151,7 +151,7 @@ ob_parse_control() ;; esac done <<-EOF - $(cat "${file}") + $(cat -- "${file}") EOF if [ -n "${name}" ]; then diff --git a/lib/metadata/proteanos.sh b/lib/metadata/proteanos.sh index 6368668..2519433 100644 --- a/lib/metadata/proteanos.sh +++ b/lib/metadata/proteanos.sh @@ -104,14 +104,14 @@ _ob_get_distrev() _ob_get_system_arch() { - cat "${SYSCONFDIR}/proteanos_arch" 2>/dev/null || return 1 + cat -- "${SYSCONFDIR}/proteanos_arch" 2>/dev/null || return 1 return 0 } _ob_get_system_plat() { - cat "${SYSCONFDIR}/proteanos_plat" 2>/dev/null || return 1 + cat -- "${SYSCONFDIR}/proteanos_plat" 2>/dev/null || return 1 return 0 } diff --git a/lib/package.sh b/lib/package.sh index 0ade56a..d66d596 100644 --- a/lib/package.sh +++ b/lib/package.sh @@ -28,10 +28,10 @@ ob_init_package() local dir="${1}" shift 1 || _ob_abort - _OB_PACKAGE_DIR="$(cd "${dir}" && pwd)" + _OB_PACKAGE_DIR="$(cd -- "${dir}" && pwd)" if [ -r "${_OB_PACKAGE_DIR}/format" ]; then - case "$(cat "${_OB_PACKAGE_DIR}/format")" in + case "$(cat -- "${_OB_PACKAGE_DIR}/format")" in 2.0) _OB_PACKAGE_FORMAT='2' ;; diff --git a/lib/package/2.sh b/lib/package/2.sh index 3e362f4..345eac3 100644 --- a/lib/package/2.sh +++ b/lib/package/2.sh @@ -139,7 +139,7 @@ _ob_get_doc_files_2() ../changelog changelog.dist ../README README.dist EOF - cat "${_OB_PACKAGE_DIR}/${doc_pkg}.pkg/docs" + cat -- "${_OB_PACKAGE_DIR}/${doc_pkg}.pkg/docs" return 0 } -- cgit v0.9.1