From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/portage:master commit in: /, bin/
Date: Mon, 5 Dec 2022 04:04:06 +0000 (UTC) [thread overview]
Message-ID: <1670213042.2294cb62b65431df06ded745ded8fcfb6a4d5865.sam@gentoo> (raw)
commit: 2294cb62b65431df06ded745ded8fcfb6a4d5865
Author: Kerin Millar <kfm <AT> plushkava <DOT> net>
AuthorDate: Sun Dec 4 11:14:34 2022 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon Dec 5 04:04:02 2022 +0000
URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=2294cb62
bin/etc-update: Apply patsub_replacement defences
Per bug #881383, string replacing forms of parameter expansion must take care
to quote - or appropriately escape - any nested parameter expansions, assuming
that their values are intended to be taken literally (as is almost invariably
the case). This has long been the case, but the introduction of the new
patsub_replacement option in bash >=5.2 has brought the issue to the fore.
This commit addresses two instances in which the etc-update script could
unintentionally induce patsub replacement. There are many other quality issues
that affect this script but this is enough to address the aforementioned bug.
Bug: https://bugs.gentoo.org/881383
Signed-off-by: Kerin Millar <kfm <AT> plushkava.net>
Signed-off-by: Sam James <sam <AT> gentoo.org>
NEWS | 3 ++-
bin/etc-update | 4 ++--
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/NEWS b/NEWS
index f986616a2..2144156fd 100644
--- a/NEWS
+++ b/NEWS
@@ -5,7 +5,8 @@ Features:
* TODO
Bug fixes:
-* TODO
+* etc-update: Apply defences for patsub_replacement being default on in Bash 5.2.
+ bug #881383.
portage-3.0.41 (2022-11-04)
--------------
diff --git a/bin/etc-update b/bin/etc-update
index a7d1088da..59e709168 100755
--- a/bin/etc-update
+++ b/bin/etc-update
@@ -90,8 +90,8 @@ cmd_var_is_valid() {
}
diff_command() {
- local cmd=${diff_command//%file1/$1}
- ${cmd//%file2/$2}
+ local cmd=${diff_command//%file1/"$1"}
+ ${cmd//%file2/"$2"}
}
# Usage: do_mv_ln [options] <src> <dst>
next reply other threads:[~2022-12-05 4:04 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-05 4:04 Sam James [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-06-13 2:34 [gentoo-commits] proj/portage:master commit in: /, bin/ Sam James
2023-12-27 21:18 Ulrich Müller
2023-12-04 6:45 Sam James
2023-05-17 6:20 Sam James
2023-05-01 7:21 Sam James
2022-09-29 20:45 Sam James
2022-09-29 20:45 Sam James
2022-09-29 20:45 Sam James
2022-09-29 20:45 Sam James
2022-09-29 20:45 Sam James
2022-08-19 17:59 Mike Gilbert
2022-07-18 20:42 Sam James
2020-08-01 1:57 Zac Medico
2017-09-02 21:37 Michał Górny
2014-08-19 7:01 Michał Górny
2014-08-12 21:55 Alexander Berntsen
2012-03-27 15:19 Zac Medico
2012-03-27 14:40 Zac Medico
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1670213042.2294cb62b65431df06ded745ded8fcfb6a4d5865.sam@gentoo \
--to=sam@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox