diff options
| author |   Ulrich Müller <ulm@gentoo.org> | 2023-06-05 19:59:33 +0200 |
|---|---|---|
| committer | Ulrich Müller <ulm@gentoo.org> | 2023-06-05 19:59:33 +0200 |
| commit | 81dc05871392f5acbf5fadb5bb1991c737e42a5f (patch) | |
| tree | 8880d86c1e81133e14b6ac51441c202592144a67 | |
| parent | Quote argument of ":" command (diff) | |
| download | eselect-81dc05871392f5acbf5fadb5bb1991c737e42a5f.tar.gz eselect-81dc05871392f5acbf5fadb5bb1991c737e42a5f.tar.bz2 eselect-81dc05871392f5acbf5fadb5bb1991c737e42a5f.zip | |
Sanitise PATH
* bin/eselect.in (PATH): Sanitise, remove Portage's internal
ebuild-helpers dir from it.
Signed-off-by: Ulrich Müller <ulm@gentoo.org>
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rwxr-xr-x | bin/eselect.in | 13 |
2 files changed, 15 insertions, 1 deletions
@@ -1,5 +1,8 @@ 2023-06-05 Ulrich Müller <ulm@gentoo.org> + * bin/eselect.in (PATH): Sanitise, remove Portage's internal + ebuild-helpers dir from it. + * bin/eselect.in (EPREFIX): Quote argument of ":" command. This avoids globbing, see: https://www.shellcheck.net/wiki/SC2223 Add some more quotes throughout. diff --git a/bin/eselect.in b/bin/eselect.in index c59a09d..483a572 100755 --- a/bin/eselect.in +++ b/bin/eselect.in @@ -53,13 +53,24 @@ EROOT="${ROOT%${EPREFIX:+/}}${EPREFIX}" "unalias" -a unset -f rm unset CDPATH GLOBIGNORE -IFS=$' \t\n' shopt -s extglob shopt -s expand_aliases umask +rx +# Sanitise PATH: We don't want to execute Portage's internal helpers +# if we're called from an ebuild. +IFS=: +read -r -d '' -a path <<<"${PATH}" +for i in "${!path[@]}"; do + [[ ${path[i]} == */portage?(/*)/ebuild-helpers?(/*) ]] && unset "path[i]" +done +PATH="${path[*]}" +unset i path + +IFS=$' \t\n' + # Save stderr file descriptor if (( BASH_VERSINFO[0] == 4 && BASH_VERSINFO[1] >= 1 || BASH_VERSINFO[0] > 4 )) then |