From: Yann E. MORIN Date: Mon, 7 Dec 2015 09:26:55 +0000 (+0100) Subject: support/download: protect from custom commands with spaces in args X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=3f2bdd0701de4f2bca7e6d96f96972e7bcabdd93;p=buildroot.git support/download: protect from custom commands with spaces in args Some users may provide custom download commands with spaces in their arguments, like so: BR2_HG="hg --config foo.bar='some space-separated value'" However, the way we currently call those commands does not account for the extra quotes, and each space-separated part of the command is interpreted as separate arguments. Fix that by calling 'eval' on the commands. Because of the eval, we must further quote our own arguments, to avoid the eval further splitting them in case there are spaces (even though we do not support paths with spaces, better be clean from the onset to avoid breakage in the future). We change all the wrappers to use a wrapper-function, even those with a single call, so they all look alike. Note that we do not single-quote some of the variables, like ${verbose} because it can be empty and we really do not want to generate an empty-string argument. That's not a problem, as ${verbose} would not normally contain space-separated values (it could get set to something like '-q -v' but in that case we'd still want two arguments, so that's fine). Reported-by: Thomas De Schampheleire Signed-off-by: "Yann E. MORIN" Cc: Thomas De Schampheleire Reviewed-by: Thomas De Schampheleire Tested-by: Thomas De Schampheleire Signed-off-by: Thomas Petazzoni
---
diff --git a/support/download/bzr b/support/download/bzr
index c567466531..cec9ce8f37 100755
--- a/support/download/bzr
+++ b/support/download/bzr
@@ -26,4 +26,10 @@ repo="${2}"
 rev="${3}"
 basename="${4}"
-${BZR} export ${verbose} --root="${basename}/" --format=tgz "${output}" "${repo}" -r "${rev}"
+# Caller needs to single-quote its arguments to prevent them from
+# being expanded a second time (in case there are spaces in them)
+_bzr() {
+ eval ${BZR} "${@}"
+}
+
+_bzr export ${verbose} --root="'${basename}/'" --format=tgz "'${output}'" "'${repo}'" -r "'${rev}'"
diff --git a/support/download/cp b/support/download/cp
index 6e29eef1ec..09ce3d1100 100755
--- a/support/download/cp
+++ b/support/download/cp
@@ -28,4 +28,10 @@ shift $((OPTIND-1))
 output="${1}"
 source="${2}"
-${LOCALFILES} ${verbose} "${source}" "${output}"
+# Caller needs to single-quote its arguments to prevent them from
+# being expanded a second time (in case there are spaces in them)
+_localfiles() {
+ eval ${LOCALFILES} "${@}"
+}
+
+_localfiles ${verbose} "'${source}'" "'${output}'"
diff --git a/support/download/cvs b/support/download/cvs
index bfac73b1f1..e1d5035c11 100755
--- a/support/download/cvs
+++ b/support/download/cvs
@@ -26,6 +26,12 @@ rev="${3}"
 rawname="${4}"
 basename="${5}"
+# Caller needs to single-quote its arguments to prevent them from
+# being expanded a second time (in case there are spaces in them)
+_cvs() {
+ eval ${CVS} "${@}"
+}
+
 if [[ ${rev} =~ ^[0-9] ]]; then
 # Date, because a tag or a branch cannot begin with a number
 select="-D"
@@ -35,7 +41,7 @@ else
 fi
 export TZ=UTC
-${CVS} ${verbose} -z3 -d":pserver:anonymous@${repo}" \
- co -d "${basename}" ${select} "${rev}" -P "${rawname}"
+_cvs ${verbose} -z3 -d"':pserver:anonymous@${repo}'" \
+ co -d "'${basename}'" ${select} "'${rev}'" -P "'${rawname}'"
 tar czf "${output}" "${basename}"
diff --git a/support/download/git b/support/download/git
index 357a55806e..e342ed31aa 100755
--- a/support/download/git
+++ b/support/download/git
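Review bot: `eval ${BZR} "${@}"` in `_bzr()` re-parses every caller value as shell source, and the `"'${repo}'"` wrapping at the call site stops protecting as soon as a value contains a single quote, because the quote closes the string and the remainder is evaluated as code. `repo`, `rev`, `basename` and `output` are script arguments assigned above the hunk, so how far they are trusted cannot be seen from here. Handing the arguments to eval by reference keeps the word-splitting fix for `${BZR}` without a second parse of the values: `eval ${BZR} '"${@}"'` in the wrapper, with the call going back to plain double quotes, `_bzr export ${verbose} --root="${basename}/" --format=tgz "${output}" "${repo}" -r "${rev}"`. The same applies to `_localfiles()` and `_cvs()` in the next two files and to `_git()`, `_hg()`, `_scp()`, `_svn()` and `_wget()` further down.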
@@ -25,6 +25,12 @@ repo="${2}"
 cset="${3}"
 basename="${4}"
+# Caller needs to single-quote its arguments to prevent them from
+# being expanded a second time (in case there are spaces in them)
+_git() {
+ eval ${GIT} "${@}"
+}
+
 # Try a shallow clone, since it is faster than a full clone - but that only
 # works if the version is a ref (tag or branch). Before trying to do a shallow
 # clone we check if ${cset} is in the list provided by git ls-remote. If not
@@ -33,9 +39,9 @@ basename="${4}"
 # Messages for the type of clone used are provided to ease debugging in case of
 # problems
 git_done=0
-if [ -n "$(${GIT} ls-remote "${repo}" "${cset}" 2>&1)" ]; then
+if [ -n "$(_git ls-remote "'${repo}'" "'${cset}'" 2>&1)" ]; then
 printf "Doing shallow clone\n"
- if ${GIT} clone ${verbose} --depth 1 -b "${cset}" --bare "${repo}" "${basename}"; then
+ if _git clone ${verbose} --depth 1 -b "'${cset}'" --bare "'${repo}'" "'${basename}'"; then
 git_done=1
 else
 printf "Shallow clone failed, falling back to doing a full clone\n"
@@ -43,10 +49,10 @@ if [ -n "$(${GIT} ls-remote "${repo}" "${cset}" 2>&1)" ]; then
 fi
 if [ ${git_done} -eq 0 ]; then
 printf "Doing full clone\n"
- ${GIT} clone ${verbose} --mirror "${repo}" "${basename}"
+ _git clone ${verbose} --mirror "'${repo}'" "'${basename}'"
 fi
 GIT_DIR="${basename}" \
-${GIT} archive --prefix="${basename}/" -o "${output}.tmp" --format=tar "${cset}"
+_git archive --prefix="'${basename}/'" -o "'${output}.tmp'" --format=tar "'${cset}'"
 gzip <"${output}.tmp" >"${output}"
diff --git a/support/download/hg b/support/download/hg
index ac1e9b93b1..5bdbbc82cd 100755
--- a/support/download/hg
+++ b/support/download/hg
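Review bot: `GIT_DIR="${basename}" \` in the last hunk of support/download/git now prefixes the shell function `_git` rather than an external command, and nothing in the code says that this is relied upon. Bash keeps such a temporary assignment for the duration of the function call and exports it to the commands the function runs, so the eval'd `git archive` should still see it, but a POSIX-mode shell can treat it differently and a later edit to `_git()` could easily lose it. I would add a comment above the assignment, `# GIT_DIR is a temporary assignment on a function call; bash passes it through _git() to the real git`. The interpreter line of the script is outside the hunk, so this assumes the script runs under bash.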
@@ -25,8 +25,14 @@ repo="${2}"
 cset="${3}"
 basename="${4}"
-${HG} clone ${verbose} --noupdate "${repo}" "${basename}"
+# Caller needs to single-quote its arguments to prevent them from
+# being expanded a second time (in case there are spaces in them)
+_hg() {
+ eval ${HG} "${@}"
+}
-${HG} archive ${verbose} --repository "${basename}" --type tgz \
- --prefix "${basename}" --rev "${cset}" \
- "${output}"
+_hg clone ${verbose} --noupdate "'${repo}'" "'${basename}'"
+
+_hg archive ${verbose} --repository "'${basename}'" --type tgz \
+ --prefix "'${basename}'" --rev "'${cset}'" \
+ "'${output}'"
diff --git a/support/download/scp b/support/download/scp
index 1a62f30a2f..95cf502be2 100755
--- a/support/download/scp
+++ b/support/download/scp
@@ -23,4 +23,10 @@ shift $((OPTIND-1))
 output="${1}"
 url="${2}"
-${SCP} ${verbose} "${url}" "${output}"
+# Caller needs to single-quote its arguments to prevent them from
+# being expanded a second time (in case there are spaces in them)
+_scp() {
+ eval ${SCP} "${@}"
+}
+
+_scp ${verbose} "'${url}'" "'${output}'"
diff --git a/support/download/svn b/support/download/svn
index 558bca0fa3..4dcdd06239 100755
--- a/support/download/svn
+++ b/support/download/svn
@@ -25,6 +25,12 @@ repo="${2}"
 rev="${3}"
 basename="${4}"
-${SVN} export ${verbose} "${repo}@${rev}" "${basename}"
+# Caller needs to single-quote its arguments to prevent them from
+# being expanded a second time (in case there are spaces in them)
+_svn() {
+ eval ${SVN} "${@}"
+}
+
+_svn export ${verbose} "'${repo}@${rev}'" "'${basename}'"
 tar czf "${output}" "${basename}"
diff --git a/support/download/wget b/support/download/wget
index 885bcf14ff..0fc7ffa94e 100755
--- a/support/download/wget
+++ b/support/download/wget
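Review bot: In support/download/scp the call `_scp ${verbose} "'${url}'" "'${output}'"` places the URL as the first non-option word with nothing to end option parsing, so a `url` value that begins with `-` would be read as an scp option; the `_wget` call in support/download/wget has the same shape. Whether `url` is validated before it reaches these scripts is outside the hunks. An end-of-options marker closes that gap: `_scp ${verbose} -- "'${url}'" "'${output}'"` and `_wget ${verbose} -O "'${output}'" -- "'${url}'"`.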
@@ -23,4 +23,10 @@ shift $((OPTIND-1))
 output="${1}"
 url="${2}"
-${WGET} ${verbose} -O "${output}" "${url}"
+# Caller needs to single-quote its arguments to prevent them from
+# being expanded a second time (in case there are spaces in them)
+_wget() {
+ eval ${WGET} "${@}"
+}
+
+_wget ${verbose} -O "'${output}'" "'${url}'"