commit: bd6dc1f13a58a72fa24b7df0be8d30290c06a4c1
Author: Kerin Millar <kfm <AT> plushkava <DOT> net>
AuthorDate: Fri Jun 6 19:50:44 2025 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Jun 6 22:02:16 2025 +0000
URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=bd6dc1f1
misc-functions.sh: split words safely in {die,success}_hooks()
Presently, the die_hooks() and success_hooks() functions split the
'EBUILD_DEATH_HOOKS' and 'EBUILD_SUCCESS_HOOKS' variables by way of an
unquoted expansion, making them sensitive to the prevailing value of
IFS, as well as potentially performing pathname expansion on the
resulting words.
Address the issue by using read to separate the words into an array, and
by ensuring that all expansions are quoted.
Signed-off-by: Kerin Millar <kfm <AT> plushkava.net>
Signed-off-by: Sam James <sam <AT> gentoo.org>
bin/misc-functions.sh | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/bin/misc-functions.sh b/bin/misc-functions.sh
index 47e7ae72e4..601f6b15bc 100755
--- a/bin/misc-functions.sh
+++ b/bin/misc-functions.sh
@@ -644,20 +644,26 @@ __dyn_rpm() {
}
die_hooks() {
+ local -a hooks
+ local IFS cmd
+
[[ -f ${PORTAGE_BUILDDIR}/.die_hooks ]] && return
- local x
- for x in ${EBUILD_DEATH_HOOKS} ; do
- ${x} >&2
+ read -rd '' -a hooks <<<"${EBUILD_DEATH_HOOKS}"
+ for cmd in "${hooks[@]}"; do
+ "${cmd}" >&2
done
> "${PORTAGE_BUILDDIR}/.die_hooks"
}
success_hooks() {
- local x
- for x in ${EBUILD_SUCCESS_HOOKS} ; do
- ${x}
+ local -a hooks
+ local IFS cmd
+
+ read -rd '' -a hooks <<<"${EBUILD_SUCCESS_HOOKS}"
+ for cmd in "${hooks[@]}"; do
+ "${cmd}"
done
}
