Protect against cmd operands beginning with "-"

author: Patrick McDermott <patrick.mcdermott@libiquity.com> 2019-04-14 01:36:13 (EDT)
committer: Patrick McDermott <patrick.mcdermott@libiquity.com> 2019-04-14 01:36:13 (EDT)
commit: 049f1d1434c5e3dc5f1c6a0d57711b33911c3b12 (patch)
tree: 3a7cd9ab47da1a93efc2b4a37d6064ef3cd8608f
parent: 38c211c927c942d30946dfc7caaa5bb6535ea66a (diff)
8 files changed, 54 insertions, 54 deletions
diff --git a/src/cmd/process-incoming.sh b/src/cmd/process-incoming.sh
index 59e7818..4a5e7d9 100644
--- a/src/cmd/process-incoming.sh
+++ b/src/cmd/process-incoming.sh
@@ -37,9 +37,9 @@ cmd_process_incoming_main()
 			if [ ! -f "${file}" ]; then
 				continue
 			fi
-			rm -f "${file}"
+			rm -f -- "${file}"
 		done
-		rm -f "${changes}"
+		rm -f -- "${changes}"
 	done
 
 	fini
diff --git a/src/db.sh b/src/db.sh
index 4069621..944d701 100644
--- a/src/db.sh
+++ b/src/db.sh
@@ -35,7 +35,7 @@ db_get_srcver()
 	dir="${base_dir}/feeds/${chan}/${dist}/.db"
 	dir="${dir}/$(hash_name "${source}")/${source}"
 	if [ -f "${dir}/srcver" ]; then
-		cat "${dir}/srcver"
+		cat -- "${dir}/srcver"
 	fi
 
 	return 0
@@ -52,7 +52,7 @@ db_set_srcver()
 
 	dir="${base_dir}/feeds/${chan}/${dist}/.db"
 	dir="${dir}/$(hash_name "${source}")/${source}"
-	mkdir -p "${dir}"
+	mkdir -p -- "${dir}"
 	printf '%s\n' "${srcver}" >"${dir}/srcver"
 
 	return 0
@@ -68,9 +68,9 @@ db_del_srcver()
 
 	dir="${base_dir}/feeds/${chan}/${dist}/.db"
 	dir="${dir}/$(hash_name "${source}")/${source}"
-	rm -f "${dir}/srcver"
+	rm -f -- "${dir}/srcver"
 	# Remove ".../.db/<hash>/<source>".
-	rmdir "${dir}"
+	rmdir -- "${dir}"
 	# Try to remove ".../.db/<hash>" and ".../.db".
 	for dir in "${dir%/*}" "${dir%/*/*}"; do
 		try_rmdir "${dir}" || break
@@ -92,7 +92,7 @@ db_get_binver()
 	dir="${base_dir}/feeds/${chan}/${dist}/.db"
 	dir="${dir}/$(hash_name "${source}")/${source}/${arch}_${plat}"
 	if [ -f "${dir}/binver" ]; then
-		cat "${dir}/binver"
+		cat -- "${dir}/binver"
 	fi
 
 	return 0
@@ -111,7 +111,7 @@ db_set_binver()
 
 	dir="${base_dir}/feeds/${chan}/${dist}/.db"
 	dir="${dir}/$(hash_name "${source}")/${source}/${arch}_${plat}"
-	mkdir -p "${dir}"
+	mkdir -p -- "${dir}"
 	printf '%s\n' "${binver}" >"${dir}/binver"
 
 	return 0
@@ -129,9 +129,9 @@ db_del_binver()
 
 	dir="${base_dir}/feeds/${chan}/${dist}/.db"
 	dir="${dir}/$(hash_name "${source}")/${source}/${arch}_${plat}"
-	rm -f "${dir}/binver"
+	rm -f -- "${dir}/binver"
 	# Remove ".../.db/<hash>/<source>/<arch>_<plat>".
-	rmdir "${dir}"
+	rmdir -- "${dir}"
 
 	return 0
 }
@@ -202,7 +202,7 @@ db_get_packages()
 	dir="${base_dir}/pool/$(hash_name "${source}")/${source}/.db"
 	dir="${dir}/${binver}_${arch}_${plat}"
 	if [ -f "${dir}/packages" ]; then
-		cat "${dir}/packages"
+		cat -- "${dir}/packages"
 	fi
 
 	return 0
@@ -222,7 +222,7 @@ db_add_package()
 
 	dir="${base_dir}/pool/$(hash_name "${source}")/${source}/.db"
 	dir="${dir}/${binver}_${arch}_${plat}"
-	mkdir -p "${dir}"
+	mkdir -p -- "${dir}"
 	printf '%s %s %s\n' "${size}" "${sect}" "${pkg}" >>"${dir}/packages"
 
 	return 0
@@ -239,9 +239,9 @@ db_del_packages()
 
 	dir="${base_dir}/pool/$(hash_name "${source}")/${source}/.db"
 	dir="${dir}/${binver}_${arch}_${plat}"
-	rm -f "${dir}/packages"
+	rm -f -- "${dir}/packages"
 	# Remove "pool/<hash>/<source>/.db/<binver>_<arch>_<plat>".
-	rmdir "${dir}"
+	rmdir -- "${dir}"
 	# Try to remove "pool/<hash>/<source>/.db".
 	try_rmdir "${dir%/*}" || :
 
@@ -261,11 +261,11 @@ db_inc_references()
 	dir="${base_dir}/pool/$(hash_name "${source}")/${source}/.db"
 	dir="${dir}/${binver}_${arch}_${plat}"
 	if [ -f "${dir}/references" ]; then
-		refs="$(cat "${dir}/references")"
+		refs="$(cat -- "${dir}/references")"
 		refs=$((${refs} + 1))
 	else
 		refs=1
-		mkdir -p "${dir}"
+		mkdir -p -- "${dir}"
 	fi
 	printf '%d\n' "${refs}" >"${dir}/references"
 	printf '%d\n' "${refs}"
@@ -292,7 +292,7 @@ db_dec_references()
 		refs=0
 	fi
 	if [ ${refs} -eq 0 ]; then
-		rm -f "${dir}/references"
+		rm -f -- "${dir}/references"
 	else
 		printf '%d\n' "${refs}" >"${dir}/references"
 	fi
diff --git a/src/dir.sh b/src/dir.sh
index e7489ef..1877568 100644
--- a/src/dir.sh
+++ b/src/dir.sh
@@ -73,7 +73,7 @@ try_rmdir()
 	if ! dir_is_empty "${dir}"; then
 		return 1
 	fi
-	if ! rmdir "${dir}"; then
+	if ! rmdir -- "${dir}"; then
 		return 1
 	fi
 
diff --git a/src/garbage.sh b/src/garbage.sh
index 7d4fac5..118bce1 100644
--- a/src/garbage.sh
+++ b/src/garbage.sh
@@ -60,14 +60,14 @@ collect_garbage()
 		fi
 		while read -r dirs file; do
 			info_v "$(get_msg 'collecting_garbage_file')" "${file}"
-			rm -f "${base_dir}/${file}"
+			rm -f -- "${base_dir}/${file}"
 			while [ ${dirs} -gt 0 ]; do
 				file="${file%/*}"
 				try_rmdir "${base_dir}/${file}" || :
 				dirs=$((${dirs} - 1))
 			done
 		done <"${garbage}"
-		rm -f "${garbage}"
+		rm -f -- "${garbage}"
 	done
 
 	return 0
@@ -84,7 +84,7 @@ mark_pool_garbage()
 	time=$(_time)
 	time=$((${time} + ${conf_pool_gc_delay}))
 
-	mkdir -p "${base_dir}/.db/garbage"
+	mkdir -p -- "${base_dir}/.db/garbage"
 	printf '2 %s\n' "${file}" >>"${base_dir}/.db/garbage/${time}"
 
 	return 0
diff --git a/src/include.sh b/src/include.sh
index 72d14f7..71e82ac 100644
--- a/src/include.sh
+++ b/src/include.sh
@@ -166,9 +166,9 @@ include_changes()
 			"${size}" "${sect}" "${pkg}"
 		pool_file="pool/$(hash_name "${source}")/${source}"
 		pool_file="${pool_file}/${pkg}_${binver}_${arch}_${plat}.opk"
-		file="$(dirname "${changes}")/${file}"
+		file="$(dirname -- "${changes}")/${file}"
 		files="${files} ${file}"
-		cp -p "${file}" "${base_dir}/${pool_file}"
+		cp -p -- "${file}" "${base_dir}/${pool_file}"
 		feed_add_package "${chan}" "${dist}" "${arch}" "${plat}" \
 			"${sect}" "${pkg}" "${size}" "${pool_file}"
 	done <<-EOF
diff --git a/src/index.sh b/src/index.sh
index 04283fb..b37b895 100644
--- a/src/index.sh
+++ b/src/index.sh
@@ -62,8 +62,8 @@ feed_add_package()
 	# Add package metadata to feed hash index.
 	feed_hash_idx="${base_dir}/feeds/${chan}/${dist}/${arch}/${plat}"
 	feed_hash_idx="${feed_hash_idx}/${sect}/.db/${pkg_hash}"
-	mkdir -p "${feed_hash_idx}/info"
-	"${TAR}" -xzOf "${base_dir}/${file}" 'control.tar.gz' | \
+	mkdir -p -- "${feed_hash_idx}/info"
+	"${TAR}" -xzOf -- "${base_dir}/${file}" 'control.tar.gz' | \
 		"${TAR}" -xzO './control' \
 		>"${feed_hash_idx}/info/${pkg}.control"
 	printf 'Filename: %s\nSize: %s\nMD5sum: %s\nSHA256sum: %s\n\n' \
@@ -75,7 +75,7 @@ feed_add_package()
 	# Mark feed index fragment as outdated.
 	old_dir="${base_dir}/feeds/.db/${chan}_${dist}/${arch}_${plat}"
 	old_dir="${old_dir}/${sect}"
-	mkdir -p "${old_dir}"
+	mkdir -p -- "${old_dir}"
 	>"${old_dir}/${pkg_hash}"
 
 	return 0
@@ -102,13 +102,13 @@ feed_remove_package()
 	# Remove package metadata from feed hash index.
 	feed_hash_idx="${base_dir}/feeds/${chan}/${dist}/${arch}/${plat}"
 	feed_hash_idx="${feed_hash_idx}/${sect}/.db/${pkg_hash}"
-	rm -f "${feed_hash_idx}/info/${pkg}.control"
+	rm -f -- "${feed_hash_idx}/info/${pkg}.control"
 	try_rmdir "${feed_hash_idx}/info" || :
 
 	# Mark feed index fragment as outdated.
 	old_dir="${base_dir}/feeds/.db/${chan}_${dist}/${arch}_${plat}"
 	old_dir="${old_dir}/${sect}"
-	mkdir -p "${old_dir}"
+	mkdir -p -- "${old_dir}"
 	>"${old_dir}/${pkg_hash}"
 
 	return 0
@@ -173,46 +173,46 @@ update_feeds()
 					idx="${sect}/.db/${hash_dirent##*/}"
 					# Ensure there are still packages here.
 					if [ -d "${idx}/info" ]; then
-						cat "${idx}/info/"*.control \
+						cat -- "${idx}/info/"*.control \
 							>"${idx}/Packages"
 					else
-						rm -f "${idx}/Packages"
-						rmdir "${idx}"
+						rm -f -- "${idx}/Packages"
+						rmdir -- "${idx}"
 					fi
-					rm -f "${hash_dirent}"
+					rm -f -- "${hash_dirent}"
 				done
 				# Ensure there are still packages here.
 				if ! try_rmdir "${sect}/.db"; then
-					cat "${sect}/.db/"*/Packages \
+					cat -- "${sect}/.db/"*/Packages \
 						>"${sect}/Packages~"
-					mv "${sect}/Packages~" \
+					mv -- "${sect}/Packages~" \
 						"${sect}/Packages"
 					if ${conf_gzip}; then
-						"${GZIP}" -9c \
+						"${GZIP}" -9c -- \
 							"${sect}/Packages" \
 							>"${sect}/Packages.gz"
 					fi
 					feed_sign "${sect}/Packages"
 					printf '%s\n' "${manifest_entry}" >&3
 				else
-					rm -f "${sect}/Packages" \
+					rm -f -- "${sect}/Packages" \
 						"${sect}/Packages.gz"
 				fi
-				rmdir "${sect_dirent}"
+				rmdir -- "${sect_dirent}"
 				try_rmdir "${sect}" || :
 			done
-			rmdir "${archplat_dirent}"
+			rmdir -- "${archplat_dirent}"
 			try_rmdir "${archplat}" || :
 			try_rmdir "${archplat%/*}" || :
 		done
-		rmdir "${suite_dirent}"
+		rmdir -- "${suite_dirent}"
 		exec 3>&-
 		if [ -s "${suite}/Manifest~" ]; then
-			mv "${suite}/Manifest~" "${suite}/Manifest"
+			mv -- "${suite}/Manifest~" "${suite}/Manifest"
 		else
-			rm -f "${suite}/Manifest~" "${suite}/Manifest"
-			rmdir "${suite}"
-			rmdir "${suite%/*}" 2>/dev/null || :
+			rm -f -- "${suite}/Manifest~" "${suite}/Manifest"
+			rmdir -- "${suite}"
+			rmdir -- "${suite%/*}" 2>/dev/null || :
 		fi
 	done
 
diff --git a/src/locale.sh b/src/locale.sh
index 8a72926..63a38e9 100644
--- a/src/locale.sh
+++ b/src/locale.sh
@@ -38,7 +38,7 @@ _try_load_locale()
 		# informative error message before aborting, we need this
 		# eval/cat command.  This is more resilient against race
 		# conditions than `[ -f "${ms}" ]` is.
-		eval "$(cat "${ms}" 2>/dev/null)" || continue
+		eval "$(cat -- "${ms}" 2>/dev/null)" || continue
 		return 0
 	done
 
diff --git a/src/main.sh b/src/main.sh
index 7af0810..5998e9c 100644
--- a/src/main.sh
+++ b/src/main.sh
@@ -43,7 +43,7 @@ exit_status=
 
 _lock()
 {
-	mkdir -p "${base_dir}/.db"
+	mkdir -p -- "${base_dir}/.db"
 	lock="${base_dir}/.db/lock"
 	if ! (set -C; printf '%d\n' "${$}" >"${lock}") 2>/dev/null; then
 		error 2 "$(get_msg 'lock_fail')"
@@ -52,7 +52,7 @@ _lock()
 
 _unlock()
 {
-	rm -f "${lock}"
+	rm -f -- "${lock}"
 }
 
 _handle_sig()
@@ -63,9 +63,9 @@ _handle_sig()
 	_unlock
 
 	if [ "x${exit_status:+set}" = 'xset' ]; then
-		exit ${exit_status}
+		exit -- ${exit_status}
 	else
-		exit $((128 + ${sig}))
+		exit -- $((128 + ${sig}))
 	fi
 }
 
@@ -116,14 +116,14 @@ _get_conf()
 	conf_gzip=true
 	conf_key=''
 
-	eval "$(cat "${base_dir}/conf" 2>/dev/null || :)"
+	eval "$(cat -- "${base_dir}/conf" 2>/dev/null || :)"
 
 	old_dir="$(pwd)"
-	cd "${base_dir}"
+	cd -- "${base_dir}"
 	if [ -d "${conf_incoming_dir}" ]; then
-		conf_incoming_dir="$(cd "${conf_incoming_dir}" && pwd)"
+		conf_incoming_dir="$(cd -- "${conf_incoming_dir}" && pwd)"
 	fi
-	cd "${old_dir}"
+	cd -- "${old_dir}"
 
 	case "${conf_pool_gc_delay}" in *[!0-9]* | '')
 		error 1 "$(get_msg 'conf_invalid')" 'conf_pool_gc_delay'
@@ -158,9 +158,9 @@ main()
 	local cmd=
 	local status=
 
-	if [ -f "$(dirname "${0}")/.builddirstamp" ]; then
+	if [ -f "$(dirname -- "${0}")/.builddirstamp" ]; then
 		in_place=true
-		builddir="$(dirname "${0}")"
+		builddir="$(dirname -- "${0}")"
 	else
 		in_place=false
 		builddir=''
author	Patrick McDermott <patrick.mcdermott@libiquity.com>	2019-04-14 01:36:13 (EDT)
committer	Patrick McDermott <patrick.mcdermott@libiquity.com>	2019-04-14 01:36:13 (EDT)
commit	049f1d1434c5e3dc5f1c6a0d57711b33911c3b12 (patch)
tree	3a7cd9ab47da1a93efc2b4a37d6064ef3cd8608f
parent	38c211c927c942d30946dfc7caaa5bb6535ea66a (diff)