[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH] Makefile.maint (sync-vcs-ignore-files): avoid risk of abuse



As I wrote the original version of that rule, I realized that running
it in the presence of a maliciously named sub-directory containing a
.cvsignore file could result in arbitrary damage.  This fixes it at
the expense of embedding a Perl script in the Makefile.  Rather ugly,
when you take into account the original, doubled $$, and appended \n\
everywhere, but slightly better than having a separate script, I thought.

Anyhow, most people will never run the rule, and even fewer will
look at the sources in this file.

>From f27c8d4e76e153356a1283462295b0d3ddac4f5c Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering redhat com>
Date: Fri, 17 Oct 2008 14:03:21 +0200
Subject: [PATCH] Makefile.maint (sync-vcs-ignore-files): avoid risk of abuse

* Makefile.maint (sync-vcs-ignore-files): Rewrite rule so that
it won't misbehave even with maliciously-named sub-directories.
---
 ChangeLog      |    4 ++++
 Makefile.maint |   30 +++++++++++++++++++++++-------
 2 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 719b05c..3c678fa 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 Fri Oct 17 11:58:31 +0200 Jim Meyering <meyering redhat com>

+	Makefile.maint (sync-vcs-ignore-files): avoid risk of abuse
+	* Makefile.maint (sync-vcs-ignore-files): Rewrite rule so that
+	it won't misbehave even with maliciously-named sub-directories.
+
 	generate .gitignore files from .cvsignore ones
 	* Makefile.maint (sync-vcs-ignore-files): New target.
 	Prompted by a patch from James Morris.
diff --git a/Makefile.maint b/Makefile.maint
index 441deac..d856469 100644
--- a/Makefile.maint
+++ b/Makefile.maint
@@ -608,11 +608,27 @@ my-distcheck: $(local-check) check
 	echo "$(distdir).tar.gz is ready for distribution"; \
 	echo "========================"

-gi=.gitignore
+cvs-to-git = '\#!/usr/bin/perl\n\
+use warnings;\n\
+use strict;\n\
+use File::Find;\n\
+use File::Copy;\n\
+\n\
+find ({wanted =>\n\
+       sub {$$_ eq q/.cvsignore/ or return;\n\
+	    my $$gi = q/.gitignore/;\n\
+	    unlink $$gi;\n\
+	    copy($$_, $$gi) or die qq/copy failed: $$_->$$gi: $$!\\n/;\n\
+	    chmod 0444, $$gi;\n\
+	    }},\n\
+      q!.!);\n'
+
+.PHONY: sync-vcs-ignore-files
+c2g = cvs-to-git
 sync-vcs-ignore-files:
-	find . -name .cvsignore				\
-	  | sed						\
-	    -e 's,\(.*\),cp -f \1 \1; chmod 444 \1,'	\
-	    -e 's,\.cvsignore; ,$(gi); ,'		\
-	    -e 's,\.cvsignore$$,$(gi),'			\
-	  | $(SHELL)
+	rm -f $(c2g)-t $(c2g)
+	printf $(cvs-to-git) > $(c2g)-t
+	chmod a+x-w $(c2g)-t
+	mv $(c2g)-t $(c2g)
+	perl $(c2g)
+	rm -f $(c2g)
--
1.6.0.2.532.g84ed4c


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]