summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDave Reisner <dreisner@archlinux.org>2013-10-14 09:13:28 -0400
committerAllan McRae <allan@archlinux.org>2013-10-15 12:40:53 +1000
commit968486ecc0c20f3b075ad9b903b9df862621610a (patch)
tree7e05474af37372e7b2d6ed9b4df7e67c7b4524f9
parente049bb8bd6bb3b8aacf371abde937d2270cfa451 (diff)
downloadpacman-968486ecc0c20f3b075ad9b903b9df862621610a.tar.xz
makepkg: validate updated pkgver before replacement
Validate the new pkgver efore blindly ramming it into the PKGBUILD. This gives us good feedback and prevents corrupting the PKGBUILD, e.g. ==> Starting pkgver()... ==> ERROR: pkgver is not allowed to contain colons, hyphens or whitespace. ==> ERROR: pkgver() generated an invalid version: a horse is not a pkgver As an additional failsafe, exchange a valid for invalid character as command separator in @SEDINPLACE@ expressions. For even more paranoia, exit if sed fails for any reason. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
-rw-r--r--scripts/makepkg.sh.in25
1 files changed, 18 insertions, 7 deletions
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index cedef4c6..8050d0bc 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -810,11 +810,19 @@ download_sources() {
# Re-sources the PKGBUILD afterwards to allow for other variables that use $pkgver
update_pkgver() {
newpkgver=$(run_function_safe pkgver)
+ if ! validate_pkgver "$newpkgver"; then
+ error "$(gettext "pkgver() generated an invalid version: %s")" "$newpkgver"
+ exit 1
+ fi
if [[ -n $newpkgver && $newpkgver != "$pkgver" ]]; then
if [[ -f $BUILDFILE && -w $BUILDFILE ]]; then
- @SEDINPLACE@ "s/^pkgver=[^ ]*/pkgver=$newpkgver/" "$BUILDFILE"
- @SEDINPLACE@ "s/^pkgrel=[^ ]*/pkgrel=1/" "$BUILDFILE"
+ if ! @SEDINPLACE@ "s:^pkgver=[^ ]*:pkgver=$newpkgver:" "$BUILDFILE"; then
+ error "$(gettext "Failed to update %s from %s to %s")" \
+ "pkgver" "$pkgver" "$newpkgver"
+ exit 1
+ fi
+ @SEDINPLACE@ "s:^pkgrel=[^ ]*:pkgrel=1:" "$BUILDFILE"
source_safe "$BUILDFILE"
local fullver=$(get_full_version)
msg "$(gettext "Updated version: %s")" "$pkgbase $fullver"
@@ -1354,7 +1362,6 @@ extract_sources() {
if (( PKGVERFUNC )); then
update_pkgver
- check_pkgver || exit 1
check_build_status
fi
}
@@ -2249,6 +2256,13 @@ check_sanity() {
return $ret
}
+validate_pkgver() {
+ if [[ $1 = *[[:space:]:-]* ]]; then
+ error "$(gettext "%s is not allowed to contain colons, hyphens or whitespace.")" "pkgver"
+ return 1
+ fi
+}
+
check_pkgver() {
local ret=0
@@ -2260,10 +2274,7 @@ check_pkgver() {
awk -F'=' '$1 ~ /^[[:space:]]*pkgver$/' "$BUILDFILE" | sed "s/[[:space:]]*#.*//" |
while IFS='=' read -r _ i; do
eval i=\"$(sed 's/^\(['\''"]\)\(.*\)\1$/\2/' <<< "${i%%+([[:space:]])}")\"
- if [[ $i = *[[:space:]:-]* ]]; then
- error "$(gettext "%s is not allowed to contain colons, hyphens or whitespace.")" "pkgver"
- return 1
- fi
+ validate_pkgver "$i" || return 1
done || ret=1
return $ret