| Message ID | 20210701182051.222783-1-leo.izen@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [FFmpeg-devel] configure: Fix some unsafe shell practices | expand |
| Context | Check | Description |
|---|---|---|
| andriy/x86_make | success | Make finished |
| andriy/x86_make_fate | success | Make fate finished |
| andriy/PPC64_make | success | Make finished |
| andriy/PPC64_make_fate | success | Make fate finished |
On 2021-07-01 14:20, Leo Izen wrote: > This commit fixes some unsafe shell pratcies in ./configure, > particularly those that involve variable expansions on possibly > unsanitized data in unsafe ways. This commit corrects this behavior > in a small number of locations. > --- > configure | 16 ++++++++-------- > 1 file changed, 8 insertions(+), 8 deletions(-) > > diff --git a/configure b/configure > index b124411609..dd910f538f 100755 > --- a/configure > +++ b/configure > @@ -530,7 +530,7 @@ warn(){ > > die(){ > log "$@" > - echo "$error_color$bold_color$@$reset_color" > + echo "$error_color$bold_color$*$reset_color" > cat <<EOF > > If you think configure made a mistake, make sure you are using the > latest > @@ -625,7 +625,7 @@ set_weak(){ > } > > sanitize_var_name(){ > - echo $@ | sed 's/[^A-Za-z0-9_]/_/g' > + printf %s "$*" | sed 's/[^A-Za-z0-9_]/_/g' > } > > set_sanitized(){ > @@ -1091,7 +1091,7 @@ check_cmd(){ > cmd=$1 > disabled $cmd && return > disable $cmd > - test_cmd $@ && enable $cmd > + test_cmd "$@" && enable $cmd > } > > check_as(){ > @@ -1100,7 +1100,7 @@ check_as(){ > code=$2 > shift 2 > disable $name > - test_as $@ <<EOF && enable $name > + test_as "$@" <<EOF && enable $name > $code > EOF > } > @@ -1153,8 +1153,8 @@ test_ld(){ > log test_ld "$@" > type=$1 > shift 1 > - flags=$(filter_out '-l*|*.so' $@) > - libs=$(filter '-l*|*.so' $@) > + flags=$(filter_out '-l*|*.so' "$@") > + libs=$(filter '-l*|*.so' "$@") > test_$type $($cflags_filter $flags) || return > flags=$($ldflags_filter $flags) > libs=$($ldflags_filter $libs) > @@ -1167,7 +1167,7 @@ check_ld(){ > name=$2 > shift 2 > disable $name > - test_ld $type $@ && enable $name > + test_ld $type "$@" && enable $name > } > > print_include(){ > @@ -7709,7 +7709,7 @@ print_enabled_components(){ > struct_name=$2 > name=$3 > shift 3 > - echo "static const $struct_name * const $name[] = {" > $TMPH > + echo "static const $struct_name * const ${name}[] = {" > $TMPH > for c in $*; do > if enabled $c; then > case $name in LGTM
diff --git a/configure b/configure index b124411609..dd910f538f 100755 --- a/configure +++ b/configure @@ -530,7 +530,7 @@ warn(){ die(){ log "$@" - echo "$error_color$bold_color$@$reset_color" + echo "$error_color$bold_color$*$reset_color" cat <<EOF If you think configure made a mistake, make sure you are using the latest @@ -625,7 +625,7 @@ set_weak(){ } sanitize_var_name(){ - echo $@ | sed 's/[^A-Za-z0-9_]/_/g' + printf %s "$*" | sed 's/[^A-Za-z0-9_]/_/g' } set_sanitized(){ @@ -1091,7 +1091,7 @@ check_cmd(){ cmd=$1 disabled $cmd && return disable $cmd - test_cmd $@ && enable $cmd + test_cmd "$@" && enable $cmd } check_as(){ @@ -1100,7 +1100,7 @@ check_as(){ code=$2 shift 2 disable $name - test_as $@ <<EOF && enable $name + test_as "$@" <<EOF && enable $name $code EOF } @@ -1153,8 +1153,8 @@ test_ld(){ log test_ld "$@" type=$1 shift 1 - flags=$(filter_out '-l*|*.so' $@) - libs=$(filter '-l*|*.so' $@) + flags=$(filter_out '-l*|*.so' "$@") + libs=$(filter '-l*|*.so' "$@") test_$type $($cflags_filter $flags) || return flags=$($ldflags_filter $flags) libs=$($ldflags_filter $libs) @@ -1167,7 +1167,7 @@ check_ld(){ name=$2 shift 2 disable $name - test_ld $type $@ && enable $name + test_ld $type "$@" && enable $name } print_include(){ @@ -7709,7 +7709,7 @@ print_enabled_components(){ struct_name=$2 name=$3 shift 3 - echo "static const $struct_name * const $name[] = {" > $TMPH + echo "static const $struct_name * const ${name}[] = {" > $TMPH for c in $*; do if enabled $c; then case $name in