authorlolilolicon <lolilolicon@gmail.com>2014-09-07 18:57:31 +0200
committerAllan McRae <allan@archlinux.org>2014-09-15 01:32:29 +0200
commitee207d7c7b34ca54ad9bf65952eb1d567ef41ceb (patch)
tree2b49d25e3d66cafed53995c1d904990863ec8573
parent95e1a1ef8223dea2b8eb41e60428858b1c39f47f (diff)
downloadpacman-ee207d7c7b34ca54ad9bf65952eb1d567ef41ceb.tar.gz
pacman-ee207d7c7b34ca54ad9bf65952eb1d567ef41ceb.tar.xz
makepkg: do not eval dlcmd
This eval enables the following in a PKGBUILD to "just work": source=('$pkgname-$pkgver.tar.gz'::'https://host/$pkgver.tar.gz') This has at least two problems: - It violated the principle of least surprise. - It could be a security issue since URLs are arbitrary input. Instead, expand the dlagent command line into an array, replace the %o, %u place holders, and run the resultant command line as is. Embedded spaces in the DLAGENTS entry can be escaped with a backslash. Fixes FS#41682 Signed-off-by: Allan McRae <allan@archlinux.org>
-rw-r--r--scripts/makepkg.sh.in21
1 files changed, 10 insertions, 11 deletions
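diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index 6f6d41c8..913c9015 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -342,8 +342,9 @@ download_file() {
 local proto=$(get_protocol "$netfile")
 # find the client we should use for this URL
-local dlcmd
-dlcmd=$(get_downloadclient "$proto") || exit $?
+local -a cmdline
+IFS=' ' read -a cmdline < <(get_downloadclient "$proto")
+(( ${#cmdline[@]} )) || exit
 local filename=$(get_filename "$netfile")
 local url=$(get_url "$netfile")
@@ -359,20 +360,18 @@ download_file() {
 local dlfile="${url##*/}"
 # replace %o by the temporary dlfile if it exists
-if [[ $dlcmd = *%o* ]]; then
-dlcmd=${dlcmd//\%o/\"$filename.part\"}
-dlfile="$filename.part"
+if [[ ${cmdline[*]} = *%o* ]]; then
+dlfile=$filename.part
+cmdline=("${cmdline[@]//%o/"$dlfile"}")
 fi
 # add the URL, either in place of %u or at the end
-if [[ $dlcmd = *%u* ]]; then
-dlcmd=${dlcmd//\%u/\"$url\"}
+if [[ ${cmdline[*]} = *%u* ]]; then
+cmdline=("${cmdline[@]//%u/"$url"}")
 else
-dlcmd="$dlcmd \"$url\""
+cmdline+=("$url")
 fi
-local ret=0
-eval "$dlcmd >&2 || ret=\$?"
-if (( ret )); then
+if ! command -- "${cmdline[@]}" >&2; then
 [[ ! -s $dlfile ]] && rm -f -- "$dlfile"
 error "$(gettext "Failure while downloading %s")" "$filename"
 plain "$(gettext "Aborting...")"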
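Review bot: The `(( ${#cmdline[@]} )) || exit` line in the first hunk exits with the status of the failed arithmetic test (1) rather than with get_downloadclient's own status, which the removed `|| exit $?` propagated; because get_downloadclient now runs inside a process substitution its exit status is never visible to download_file, and only an empty first output line signals failure. If the distinct exit codes matter to callers, capture the output first and split it afterwards: `local agent; agent=$(get_downloadclient "$proto") || exit $?` followed by `IFS=' ' read -a cmdline <<<"$agent"`, keeping the empty-array guard as written. The missing `-r` on `read` is deliberate here, since backslash escapes are how embedded spaces in a DLAGENTS entry survive the split, so a `# shellcheck disable=SC2162 -- backslash escapes are intentional` comment above that line would spare the next reader a detour. Both hunks sit inside download_file, whose body starts before the first hunk and continues after the second.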