From 6e60895ccd7b62eb517be6b4711361ac9f4aad62 Mon Sep 17 00:00:00 2001
From: "dylan.araps@gmail.com"
Date: Sun, 21 Jul 2019 11:09:53 +0000
Subject: kiss: Disable globbing globally and only enable it when needed.
FossilOrigin-Name: 49366a4e961ef9e8e20751a97157d2128470dd64b4fd5dfeb4895c787c1246f2
---
 kiss | 89 ++++++++++++++++++++++++++++++--------------------------------------
 1 file changed, 39 insertions(+), 50 deletions(-)
(limited to 'kiss')
diff --git a/kiss b/kiss
index f0d4e30..3660a28 100755
--- a/kiss
+++ b/kiss
@@ -1,4 +1,9 @@
-#!/bin/sh -e
+#!/bin/sh -ef
+#
+# Disable warnings against word-splitting and globbing.
+# They are used *safely* throughout this script as globbing
+# is globally disabled and assumptions can be made about the input.
+# shellcheck disable=2046,2086
 #
 # This is a simple package manager written in POSIX 'sh' for
 # KISS Linux, utilizing the core UNIX utilities where needed.
@@ -67,14 +72,8 @@ pkg_search() {
 "Repositories will be searched in the configured order." \
 "The variable should work just like \$PATH."
- # Disable globbing with 'set -f' to ensure that the unquoted
- # variable doesn't expand into anything nasty.
- # shellcheck disable=2086,2046
- {
- set -f
- set -- "$1" $(IFS=:; find $KISS_PATH -maxdepth 1 -name "$1")
- set +f
- }
+ # Find the repository containing a package.
+ set -- "$1" $(IFS=:; find $KISS_PATH -maxdepth 1 -name "$1")
 # A package may also not be found due to a repository not being
 # readable by the current user. Either way, we need to die here.
@@ -99,7 +98,7 @@ pkg_list() {
 # packages. If no arguments are passed, list all. As we
 # loop over '$@', if there aren't any arguments we can
 # just set the directory contents to the argument list.
- [ "$1" ] || set -- *
+ [ "$1" ] || { set +f; set -f -- *; }
 # If the 'glob' above failed, exit early as there are no
 # packages installed.
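Review bot: The `-f` on the new shebang line is the only thing that makes the unquoted expansions in this script safe, and an interpreter line is ignored when the script is started as `sh kiss` or sourced, so in that case noglob (and `-e`) never take effect. Since the same hunk silences shellcheck 2046/2086 for the whole file, I would also set the options in the body, e.g. `set -ef` as the first command after the header comment. The added comment could also state that noglob does not stop field splitting, so values containing whitespace are still split; that is the "assumptions about the input" part.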
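Review bot: In the rewritten `set -- "$1" $(IFS=:; find $KISS_PATH -maxdepth 1 -name "$1")`, noglob only stops the shell from expanding patterns; `find -name` still interprets `$1` as a pattern, and the output of the command substitution is still field-split (on whitespace with the default IFS). A package argument containing pattern characters, or a repository path containing a space, would therefore yield extra or broken positional parameters. I would record the assumption next to the line, e.g. `# Assumes package names hold no find(1) pattern characters and repository paths no whitespace.`, or reject such names before this point. The body of pkg_search continues outside the hunk.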
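Review bot: `{ set +f; set -f -- *; }` is easy to misread as turning noglob on before the glob is expanded; it works because `*` is expanded while the shell evaluates the words of the second `set`, before that command re-enables noglob. A one-line comment would stop the next reader from "fixing" it, e.g. `# '*' is expanded before 'set -f' runs, so this globs once and leaves noglob on.` The same idiom appears without explanation in args() (hunk at -845). pkg_list's body continues outside the hunk.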
@@ -359,15 +358,8 @@ pkg_build() {
 # passed to KISS aren't.
 explicit_packages=" $* "
- # Disable globbing with 'set -f' to ensure that the unquoted
- # variable doesn't expand into anything nasty.
- # shellcheck disable=2086,2046
- {
- # Set the resolved dependency list as the function's arguments.
- set -f
- set -- $missing_deps
- set +f
- }
+ # Set the resolved dependency list as the function's arguments.
+ set -- $missing_deps
 # The dependency solver always lists all dependencies regardless of
 # whether or not they are installed. Ensure that all explicit packages
@@ -385,15 +377,8 @@ pkg_build() {
 esac
 done
- # Disable globbing with 'set -f' to ensure that the unquoted
- # variable doesn't expand into anything nasty.
- # shellcheck disable=2086,2046
- {
- # Set the resolved dependency list as the function's arguments.
- set -f
- set -- $build_packages
- set +f
- }
+ # Set the filtered dependency list as the function's arguments.
+ set -- $build_packages
 log "Building: $*."
@@ -576,6 +561,9 @@ pkg_conflicts() {
 [ "${line%%*/}" ] && printf '%s\n' "$line" >> "$cac_dir/manifest-$pid"
 done ||:
+ # Enable globbing.
+ set +f
+
 # Compare extracted manifest to all installed manifests.
 # If there are matching lines (files) there is a package conflict.
 for db in "$KISS_ROOT/$pkg_db/"*; do
@@ -585,6 +573,9 @@ pkg_conflicts() {
 die "Package '$2' conflicts with '${db##*/}'."
 done
+ # Disable globbing.
+ set -f
+
 # Remove this temporary file as we no longer need it.
 rm -f "$cac_dir/manifest-$pid"
 }
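Review bot: With the explanatory block removed, nothing next to `set -- $missing_deps` says that the missing quotes are deliberate or what they depend on. I would extend the new comment by a few words, e.g. `# Unquoted on purpose: split on whitespace; globbing is off script-wide.` The same applies to `set -- $build_packages` in the next hunk and to `set -- $outdated` in pkg_updates.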
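Review bot: Between the added `set +f` and the `set -f` in the following hunk, the whole loop body runs with globbing enabled, including any function it calls and any command substitution, while the rest of the script now assumes noglob for its unquoted expansions. The loop bodies are only partly visible, so I cannot confirm an affected expansion here, but in pkg_updates the comment "Find the package's repository files" suggests a call to pkg_search, whose unquoted `find $KISS_PATH` relies on noglob. The `for` word list is expanded once, before the first iteration, so the window can be closed by re-disabling at the top of the body while keeping the trailing `set -f`: `for db in "$KISS_ROOT/$pkg_db/"*; do set -f`. pkg_remove and pkg_updates use the same `set +f` … `set -f` pairing around their loops.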
@@ -600,14 +591,20 @@ pkg_remove() {
 return
 }
+ # Enable globbing.
+ set +f
+
 # Make sure that nothing depends on this package.
 [ "$2" = check ] && for file in "$KISS_ROOT/$pkg_db/"*; do
 # Check each depends file for the package and if it's
 # a run-time dependency, append to the $required_by string.
- grep -q "^$1$" "$file/depends" 2>/dev/null &&
+ grep -qFx "$1" "$file/depends" 2>/dev/null &&
 required_by="$required_by'${file##*/}', "
 done
+ # Disable globbing.
+ set -f
+
 [ "$required_by" ] &&
 die "[$1]: Package is required by ${required_by%, }." \
 "[$1]: Aborting here..."
@@ -740,19 +737,11 @@ pkg_updates() {
 # version and the version in the repositories differ, it's considered
 # an update.
- # Disable globbing with 'set -f' to ensure that the unquoted
- # variable doesn't expand into anything nasty.
- # shellcheck disable=2086,2046
- {
- set -f
- IFS=:
- set -- $KISS_PATH
- IFS=$old_ifs
- set +f
- }
-
 log "Updating repositories..."
+ # Create a list of all repositories.
+ IFS=:; set -- $KISS_PATH; IFS=$old_ifs
+
 # Update each repository in '$KISS_PATH'. It is assumed that
 # each repository is 'git' tracked.
 for repo; do
@@ -762,6 +751,9 @@ pkg_updates() {
 log "Checking for new package versions..."
+ # Enable globbing.
+ set +f
+
 for pkg in "$KISS_ROOT/$pkg_db/"*; do
 # Find the package's repository files. This needs to keep
 # happening as we can't store this data in any kind of data
@@ -780,20 +772,17 @@ pkg_updates() {
 }
 done
+ # Disable globbing.
+ set -f
+
 # End here if no packages have an update.
 [ "$outdated" ] || {
 log "Everything is up to date."
 return
 }
- # Disable globbing with 'set -f' to ensure that the unquoted
- # variable doesn't expand into anything nasty.
- # shellcheck disable=2086,2046
- {
- set -f
- set -- $outdated
- set +f
- }
+ # Turn the string of outdated packages into a 'list'.
+ set -- $outdated
 log "Packages to update: ${outdated% }."
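Review bot: In the new `grep -qFx "$1" "$file/depends"`, `$1` is now matched literally and as a whole line, but it is still the first non-option argument, so a name beginning with `-` would be parsed as grep options rather than as the pattern. Whether such a name can reach this line depends on checks outside the hunk; passing it explicitly as the pattern costs nothing: `grep -qFx -e "$1" "$file/depends" 2>/dev/null &&`.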
@@ -813,7 +802,7 @@ pkg_clean() {
 rm -rf -- "$mak_dir" "$pkg_dir" "$tar_dir"
 # Remove temporary files.
- rm -f "$repo_dir/.checksums" "$cac_dir/m-"*
+ (set +f; rm -f "$repo_dir/.checksums" "$cac_dir/m-"*)
 }
 root_check() {
@@ -845,7 +834,7 @@ args() {
 # Use a glob after 'cd' to generate a list of all installed
 # packages based on directory names.
- set -- *
+ set +f; set -f -- *
 # Undo the above 'cd' to ensure we stay in the same location.
 cd - >/dev/null
-- 
cgit v1.2.3