From afe7b9141ff0195abdee88aea8e15bda9c0f573f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lucio=20Andr=C3=A9s=20Illanes=20Albornoz=20=28arab=2C=20vx?=
 =?UTF-8?q?p=29?= <l.illanes@gmx.de>
Date: Mon, 11 Jul 2016 20:18:10 +0000
Subject: Replaces rm_if_exists() [-m] [-c] w/ secure_rm(), insecure_mkdir(),
 and secure_cd(). secure_{rm,cd}() verify whether all pathnames supplied are
 rooted beneath ${PREFIX_ROOT}.

---
 pkg.build | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

(limited to 'pkg.build')

diff --git a/pkg.build b/pkg.build
index 8d695535..b311768a 100644
--- a/pkg.build
+++ b/pkg.build
@@ -34,9 +34,9 @@ if test_cmd pkg_${PKG_NAME}_finish; then
 	pkg_${PKG_NAME}_finish; exit 0;
 elif [ "${PKG_URL_TYPE:-wget}" = wget ] &&\
 ! is_build_script_done extract; then
-	rm_if_exists ${PKG_SUBDIR};
+	secure_rm ${PKG_SUBDIR};
 	if [ ${PKG_SUBDIR_CREATE:-0} -eq 1 ]; then
-		mkdir -- ${PKG_SUBDIR};
+		insecure_mkdir ${PKG_SUBDIR};
 	fi;
 	if [ "${PKG_FNAME##*.tar.}" = "bz2" ]; then
 		bunzip2 -d < ${DLCACHEDIR}/${PKG_FNAME} | tar ${PKG_SUBDIR_CREATE:+-C ${PKG_SUBDIR}} -xf -;
@@ -63,7 +63,8 @@ if [ -z "${PKG_BUILD_DIR}" ]; then
 fi;
 if ! is_build_script_done build_dir; then
 	[ "${PKG_SUBDIR}" != "${PKG_BUILD_DIR}" ] &&\
-		rm_if_exists -m ${PKG_BUILD_DIR};
+		secure_rm ${PKG_BUILD_DIR};
+		insecure_mkdir ${PKG_BUILD_DIR};
 	set_build_script_done build_dir -patch;
 fi;
 if [ -e ${PKG_SUBDIR}/configure -o							\
@@ -193,7 +194,9 @@ if ! is_build_script_done install; then
 		fi;
 	fi;
 	if [ -d ${PKG_PREFIX}/lib ]; then
-		find ${PKG_PREFIX}/lib -type f -name \*.la -exec rm -f -- {} \;
+		for __ in $(find ${PKG_PREFIX}/lib -type f -name \*.la); do
+			secure_rm ${__};
+		done;
 	fi;
 	if [ -n "${PKG_INSTALL_FILES}" ]; then
 		(set -- ${PKG_INSTALL_FILES};
@@ -208,8 +211,7 @@ if ! is_build_script_done install; then
 			;;
 		/=*)
 			__mkdir_fname="${1#/=}";
-			echo mkdir -p -- ${PKG_PREFIX}/${__mkdir_fname};
-			mkdir -p -- ${PKG_PREFIX}/${__mkdir_fname};
+			insecure_mkdir ${PKG_PREFIX}/${__mkdir_fname};
 			;;
 		*)
 			__file_fname_src="${1%=*}";
@@ -225,7 +227,7 @@ if ! is_build_script_done install; then
 			$(find	\( -name "*.so"						\
 				-or -name "*.so.[0-9]"					\
 				-or -name "*.so.[0-9].[0-9]"				\
-				-or -name "*.so.[0-9].[0-9].[0-9]" \) -printf "%P\n");
+				-or -name "*.so.[0-9].[0-9].[0-9]" \) -printf '%P\n');
 		do
 			if [ \( -e ${__so_fname%.so}.lib.a \) -o			\
 			     \( ! -e ${PKG_PREFIX}/lib/${__so_fname} \) ];
-- 
cgit v1.2.3