From afe7b9141ff0195abdee88aea8e15bda9c0f573f Mon Sep 17 00:00:00 2001 From: Lucio Andrés Illanes Albornoz (arab, vxp) Date: Jul 11 2016 21:04:29 +0000 Subject: Replaces rm_if_exists() [-m] [-c] w/ secure_rm(), insecure_mkdir(), and secure_cd(). secure_{rm,cd}() verify whether all pathnames supplied are rooted beneath ${PREFIX_ROOT}. --- diff --git a/004.psxstub.vars b/004.psxstub.vars index d9c467d..cf18c4b 100644 --- a/004.psxstub.vars +++ b/004.psxstub.vars @@ -9,8 +9,7 @@ pkg_psxstub_finish() { cd psxstub; make ${MAKEFLAGS} DESTDIR=${PKG_PREFIX} TARGET=${TARGET} install; if [ -e ${PKG_PREFIX}/lib/libpsxscl.a ]; then - echo rm -f -- ${PKG_PREFIX}/lib/libpsxscl.a; - rm -f -- ${PKG_PREFIX}/lib/libpsxscl.a; + secure_rm ${PKG_PREFIX}/lib/libpsxscl.a; fi; set_build_script_done install finish; fi; diff --git a/007.musl.full.build b/007.musl.full.build index 4c6e231..ab89e25 100644 --- a/007.musl.full.build +++ b/007.musl.full.build @@ -16,12 +16,12 @@ if [ "${3}" = no-complex ]; then if ! is_build_script_done fetch; then fetch http://www.musl-libc.org/releases/musl-${PKG_MUSL_VERSION}.tar.gz \ ${PKG_MUSL_SHA256SUM}; - rm_if_exists mmglue; + secure_rm mmglue; fetch_git mmglue ${GITROOT}/mmglue; set_build_script_done fetch -extract; fi; if ! is_build_script_done extract; then - rm_if_exists musl-${PKG_MUSL_VERSION}; + secure_rm musl-${PKG_MUSL_VERSION}; tar -xf ${DLCACHEDIR}/musl-${PKG_MUSL_VERSION}.tar.gz; set +o noglob; cp -R -- mmglue/* musl-${PKG_MUSL_VERSION}/; set -o noglob; set_build_script_done extract -patch; @@ -41,7 +41,9 @@ elif [ "${3}" = full ]; then set_build_dir musl-${PKG_MUSL_VERSION} cross; fi; if ! is_build_script_done configure; then - rm_if_exists -m -c ${PKG_BUILD_DIR}; + secure_rm ${PKG_BUILD_DIR}; + insecure_mkdir ${PKG_BUILD_DIR}; + secure_cd ${PKG_BUILD_DIR}; env lz_cflags_cmdline="${PKG_MUSL_CFLAGS_CONFIGURE_EXTRA}" \ lz_debug="yes" \ ../lazy/lazy \ diff --git a/009.gcc.full.build b/009.gcc.full.build index eaba17d..6131678 100644 --- a/009.gcc.full.build +++ b/009.gcc.full.build @@ -77,12 +77,12 @@ else export CFLAGS CXXFLAGS CFLAGS_FOR_BUILD CPPFLAGS_FOR_BUILD CXXFLAGS_FOR_BUILD CFLAGS_FOR_TARGET XGCC_FLAGS_FOR_TARGET CPPFLAGS_FOR_TARGET CXXFLAGS_FOR_TARGET LIBCFLAGS_FOR_TARGET; if ! is_build_script_done configure; then if [ "${3}" = stage1 ]; then - mkdir -p -- ${PKG_PREFIX}/include; + insecure_mkdir ${PKG_PREFIX}/include; [ \! -d ${PKG_PREFIX}/usr ] && \ ln -s -- . ${PKG_PREFIX}/usr; _configure_args="--prefix=${PREFIX} --with-sysroot=${PKG_PREFIX}"; elif [ "${3}" = native ]; then - mkdir -p -- ${PKG_PREFIX}/${TARGET}; + insecure_mkdir ${PKG_PREFIX}/${TARGET}; if [ \! -d ${PKG_PREFIX}/${TARGET}/usr ]; then ln -s -- . ${PKG_PREFIX}/${TARGET}/usr; fi; @@ -99,7 +99,9 @@ else --with-mpfr=${PKG_PREFIX} \ --with-sysroot="; fi; - rm_if_exists -m -c ${PKG_BUILD_DIR}; + secure_rm ${PKG_BUILD_DIR}; + insecure_mkdir ${PKG_BUILD_DIR}; + secure_cd ${PKG_BUILD_DIR}; ../cbb-gcc-${PKG_GCC_VERSION}/configure \ --disable-bootstrap \ --disable-libmudflap \ diff --git a/010.pkgconf_host.vars b/010.pkgconf_host.vars index 3443633..61d467a 100644 --- a/010.pkgconf_host.vars +++ b/010.pkgconf_host.vars @@ -4,7 +4,7 @@ pkg_pkgconf_host_install_post() { if [ -e ${PREFIX}/bin/${TARGET}-pkg-config ]; then - rm -f -- ${PREFIX}/bin/${TARGET}-pkg-config; + secure_rm ${PREFIX}/bin/${TARGET}-pkg-config; fi; cat > ${PREFIX}/bin/${TARGET}-pkg-config </dev/null)" -a -n "${TARBALL_SIGN_GPG_KEY}" ] &&\ --local-user "${TARBALL_SIGN_GPG_KEY}" --sign ${TARBALL_FNAME}; log_msg info "Signed binary distribution tarball."; fi; -rm -rf -- ${PREFIX_BASENAME}/lib; mv -- ${PREFIX_BASENAME}/lib.bak ${PREFIX_BASENAME}/lib; +secure_rm ${PREFIX_BASENAME}/lib; mv -- ${PREFIX_BASENAME}/lib.bak ${PREFIX_BASENAME}/lib; log_msg info "Restored ${PREFIX_BASENAME}/lib."; if [ "${BUILD}" = "debug" ]; then diff --git a/build.sh b/build.sh index ad80341..876a61a 100755 --- a/build.sh +++ b/build.sh @@ -88,16 +88,16 @@ if [ ${ARG_CLEAN:-0} -eq 1 ]; then log_msg info "-c specified, cleaning prefix..."; for __ in ${CLEAR_PREFIX_DIRS}; do if [ -e ${PREFIX}/${__} ]; then - rm -rf -- ${PREFIX}/${__}; + secure_rm ${PREFIX}/${__}; fi; done; fi; # Create directory hierarchy and usr -> . symlinks. -mkdir -p -- ${PREFIX} ${PREFIX_NATIVE} ${PREFIX_CROSS} ${PREFIX_TARGET}/lib ${DLCACHEDIR} ${WORKDIR}; +insecure_mkdir ${PREFIX} ${PREFIX_NATIVE} ${PREFIX_CROSS} ${PREFIX_TARGET}/lib ${DLCACHEDIR} ${WORKDIR}; for __ in ${PREFIX}/usr ${PREFIX_NATIVE}/usr; do if [ ! -L "${__}" ]; then - rm -rf -- "${__}"; ln -sf -- . "${__}"; + secure_rm "${__}"; ln -sf -- . "${__}"; fi; done; @@ -169,7 +169,7 @@ log_msg info "${BUILD_NFINI} finished, ${BUILD_NSKIP} skipped, and ${BUILD_NFAIL log_msg info "Build time: ${BUILD_TIMES_HOURS} hour(s), ${BUILD_TIMES_MINUTES} minute(s), and ${BUILD_TIMES_SECS} second(s)."; if [ -f "${BUILD_STATUS_IN_PROGRESS_FNAME}" ]; then - rm -f -- ${BUILD_STATUS_IN_PROGRESS_FNAME}; + secure_rm ${BUILD_STATUS_IN_PROGRESS_FNAME}; fi; exit ${BUILD_SCRIPT_RC})} 2>&1 | tee ${BUILD_LOG_FNAME} & diff --git a/build.subr b/build.subr index 168e972..10dbfd1 100644 --- a/build.subr +++ b/build.subr @@ -32,7 +32,6 @@ fetch() { touch ${_f_url_dst}.fetched; unset _f_url _f_url_dst _f_sha256sum_src _f_sha256sum_dst; }; - fetch_git() { _fg_subdir="${1}"; _fg_url="${2}"; _fg_branch="${3}"; if [ -e "${DLCACHEDIR}/${_fg_subdir}" ]; then @@ -47,7 +46,7 @@ fetch_git() { git checkout -b ${_fg_branch} && cd ${OLDPWD}; fi; fi; - rm_if_exists ${_fg_subdir}; + secure_rm ${_fg_subdir}; echo cp -pr ${DLCACHEDIR}/${_fg_subdir} .; cp -pr ${DLCACHEDIR}/${_fg_subdir} .; }; @@ -136,7 +135,7 @@ set_build_script_done() { _sbsd_done_fname=${WORKDIR}/.${_sbsd_script_fname%.build}; while [ $# -ge 1 ]; do if [ "${1#-}" != "${1}" ]; then - rm -f -- ${_sbsd_done_fname}.${1#-}; + secure_rm ${_sbsd_done_fname}.${1#-}; else touch ${_sbsd_done_fname}.${1}; log_msg info "Finished build step ${1} of build script \`${_sbsd_script_fname}'."; @@ -160,6 +159,7 @@ log_env_vars() { shift; done; unset _lev_arg_len_max; }; + log_msg() { _lm_lvl=${1}; shift; case ${_lm_lvl} in @@ -223,19 +223,51 @@ set_env_vars_with_sep() { done; unset _sevws_sep; pop_IFS; }; -rm_if_exists() { - [ -z "${1#-m}" ] && { _rie_arg_m=1; shift; }; - [ -z "${1#-c}" ] && { _rie_arg_c=1; shift; }; - [ -z "${1}" ] && return 1; - if [ -d ${1} -o -f ${1} ]; then - log_msg warn "Removing directory or file \`${1}'."; - rm -rf -- ${1}; +secure_cd() { + if [ \( -z "${1}" \) -o \( ! -e "${1}" \) ]; then + return 1; + else + (cd "${1}"; [ "${PWD#${PREFIX_ROOT}}" = "${PWD}" ] &&\ + return 1 || return 0); + if [ ${?} -eq 0 ]; then + log_msg warn "Changing working directory to \`${1}'."; + cd -- "${1}"; + else + log_msg failexit "secure_cd() called with pathname \`${1}' not below \${PREFIX_ROOT} (${PREFIX_ROOT}). This is a bug."; + fi; fi; - [ ${_rie_arg_m:-0} -eq 1 ] && { - log_msg warn "Making directory \`${1}'."; - mkdir -- ${1}; unset _rie_arg_m; }; - [ ${_rie_arg_c:-0} -eq 1 ] && { cd ${1}; unset _rie_arg_c; }; - return 0; +}; +insecure_mkdir() { + while [ ${#} -gt 0 ]; do + if [ -z "${1}" ]; then + return 1; + elif [ ! -e "${1}" ]; then + log_msg warn "Making directory \`${1}'."; + mkdir -p -- "${1}"; + fi; shift; + done; +}; +secure_rm() { + while [ ${#} -gt 0 ]; do + if [ -z "${1}" ]; then + return 1; + elif [ -e "${1}" ]; then + if [ -d "${1}" ]; then + _sr_pname_check="${1}"; + else + _sr_pname_check="$(dirname "${1}")"; + fi; + (cd "${_sr_pname_check}"; [ "${PWD#${PREFIX_ROOT}}" = "${PWD}" ] &&\ + return 1 || return 0); + if [ ${?} -eq 0 ]; then + unset _sr_pname_check; + log_msg warn "Removing directory or file \`${1}'."; + rm -rf -- "${1}"; + else + log_msg failexit "secure_rm() called with pathname \`${1}' not below \${PREFIX_ROOT} (${PREFIX_ROOT}). This is a bug."; + fi; + fi; shift; + done; }; run_cmd_unsplit() { diff --git a/build.vars b/build.vars index 239a3f7..79019c1 100644 --- a/build.vars +++ b/build.vars @@ -29,17 +29,18 @@ else log_msg failexit "Error: unknown build type \`${BUILD}'."; fi; -: ${PREFIX:=${HOME}/midipix/${ARCH}/${BUILD}}; +: ${PREFIX_ROOT:=${HOME}/midipix}; +: ${PREFIX:=${PREFIX_ROOT}/${ARCH}/${BUILD}}; : ${PREFIX_NATIVE:=${PREFIX}/native}; : ${PREFIX_CROSS:=${PREFIX}/${TARGET}}; -: ${DLCACHEDIR:=${HOME}/midipix/dlcache}; +: ${DLCACHEDIR:=${PREFIX_ROOT}/dlcache}; : ${WORKDIR:=${PREFIX}/tmp}; export PATH="${PREFIX}/bin${PATH:+:${PATH}}"; : ${BUILD_LOG_FNAME:=${PREFIX}/build.log}; : ${BUILD_LOG_LAST_FNAME:=${PREFIX}/build.log.last}; : ${BUILD_STATUS_IN_PROGRESS_FNAME:=${PREFIX}/BUILD_IN_PROGRESS}; -: ${CHECK_PREREQ_CMDS:="aclocal autoconf autopoint awk basename bunzip2 flex git groff gunzip install libtool lzma make makeinfo nl nroff openssl patch sed sha256sum sort tar tee tr uname wget xz"}; +: ${CHECK_PREREQ_CMDS:="aclocal autoconf autopoint awk basename bunzip2 find flex git groff gunzip install libtool lzma make makeinfo nl nroff openssl patch sed sha256sum sort tar tee tr uname wget xz"}; : ${CHECK_PREREQ_FILES:="/usr/include/gmpxx.h /usr/include/mpc.h /usr/include/mpfr.h"}; : ${CHECK_PATH_VARS:="PREFIX PREFIX_NATIVE PREFIX_CROSS DLCACHEDIR WORKDIR"}; : ${CLEAR_ENV_VARS_EXCEPT:="HOME PATH SHELL TERM USER"}; diff --git a/pkg.build b/pkg.build index 8d69553..b311768 100644 --- a/pkg.build +++ b/pkg.build @@ -34,9 +34,9 @@ if test_cmd pkg_${PKG_NAME}_finish; then pkg_${PKG_NAME}_finish; exit 0; elif [ "${PKG_URL_TYPE:-wget}" = wget ] &&\ ! is_build_script_done extract; then - rm_if_exists ${PKG_SUBDIR}; + secure_rm ${PKG_SUBDIR}; if [ ${PKG_SUBDIR_CREATE:-0} -eq 1 ]; then - mkdir -- ${PKG_SUBDIR}; + insecure_mkdir ${PKG_SUBDIR}; fi; if [ "${PKG_FNAME##*.tar.}" = "bz2" ]; then bunzip2 -d < ${DLCACHEDIR}/${PKG_FNAME} | tar ${PKG_SUBDIR_CREATE:+-C ${PKG_SUBDIR}} -xf -; @@ -63,7 +63,8 @@ if [ -z "${PKG_BUILD_DIR}" ]; then fi; if ! is_build_script_done build_dir; then [ "${PKG_SUBDIR}" != "${PKG_BUILD_DIR}" ] &&\ - rm_if_exists -m ${PKG_BUILD_DIR}; + secure_rm ${PKG_BUILD_DIR}; + insecure_mkdir ${PKG_BUILD_DIR}; set_build_script_done build_dir -patch; fi; if [ -e ${PKG_SUBDIR}/configure -o \ @@ -193,7 +194,9 @@ if ! is_build_script_done install; then fi; fi; if [ -d ${PKG_PREFIX}/lib ]; then - find ${PKG_PREFIX}/lib -type f -name \*.la -exec rm -f -- {} \; + for __ in $(find ${PKG_PREFIX}/lib -type f -name \*.la); do + secure_rm ${__}; + done; fi; if [ -n "${PKG_INSTALL_FILES}" ]; then (set -- ${PKG_INSTALL_FILES}; @@ -208,8 +211,7 @@ if ! is_build_script_done install; then ;; /=*) __mkdir_fname="${1#/=}"; - echo mkdir -p -- ${PKG_PREFIX}/${__mkdir_fname}; - mkdir -p -- ${PKG_PREFIX}/${__mkdir_fname}; + insecure_mkdir ${PKG_PREFIX}/${__mkdir_fname}; ;; *) __file_fname_src="${1%=*}"; @@ -225,7 +227,7 @@ if ! is_build_script_done install; then $(find \( -name "*.so" \ -or -name "*.so.[0-9]" \ -or -name "*.so.[0-9].[0-9]" \ - -or -name "*.so.[0-9].[0-9].[0-9]" \) -printf "%P\n"); + -or -name "*.so.[0-9].[0-9].[0-9]" \) -printf '%P\n'); do if [ \( -e ${__so_fname%.so}.lib.a \) -o \ \( ! -e ${PKG_PREFIX}/lib/${__so_fname} \) ];