[PATCH] src_postinst.cygpart: Sanitize binary data in bash command subst
Eric Blake
eblake@redhat.com
Fri Dec 16 21:09:00 GMT 2016
On 12/16/2016 02:40 PM, Eric Blake wrote:
> bash 4.4 now warns about skipping NUL bytes in $(command), since
> command substitution is only well-formed for commands that output
> text, but NUL bytes are not text. Silence the warning by removing
> NUL bytes from the stream before bash can see them.
> ---
> lib/src_postinst.cygpart | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lib/src_postinst.cygpart b/lib/src_postinst.cygpart
> index 30ad90e..2ae26b6 100644
> --- a/lib/src_postinst.cygpart
> +++ b/lib/src_postinst.cygpart
> @@ -967,14 +967,14 @@ __prepstrip() {
> # Magic number is at end of file:
> # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=256900#74
> # http://cygwin.com/ml/cygwin-apps/2010-10/msg00057.html
> - case $(tail -c 12 "${exe}") in
> + case $(tail -c 12 "${exe}" | tr -d '\0') in
> Caml1999X0[0-9][0-9]) continue ;;
> esac
>
> # Perl Archive (PAR) binaries must not be stripped
> # https://rt.cpan.org/Public/Bug/Display.html?id=18536
> # http://cygwin.com/ml/cygwin-apps/2012-07/msg00088.html
> - case $(tail -c 8 "${exe}" | tr '\012' '%') in
> + case $(tail -c 8 "${exe}" | tr '\012\0' '%') in
> %PAR\.pm%) continue ;;
> esac
And of course, reading this in isolation, we could shave a process or
two by merging the two case statements into one, if you want to go one
step further as a micro-optimization:
diff --git i/lib/src_postinst.cygpart w/lib/src_postinst.cygpart
index 2ae26b6..ac045ee 100644
--- i/lib/src_postinst.cygpart
+++ w/lib/src_postinst.cygpart
@@ -967,15 +967,12 @@ __prepstrip() {
# Magic number is at end of file:
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=256900#74
# http://cygwin.com/ml/cygwin-apps/2010-10/msg00057.html
- case $(tail -c 12 "${exe}" | tr -d '\0') in
- Caml1999X0[0-9][0-9]) continue ;;
- esac
-
# Perl Archive (PAR) binaries must not be stripped
# https://rt.cpan.org/Public/Bug/Display.html?id=18536
# http://cygwin.com/ml/cygwin-apps/2012-07/msg00088.html
- case $(tail -c 8 "${exe}" | tr '\012\0' '%') in
- %PAR\.pm%) continue ;;
+ case $(tail -c 12 "${exe}" | tr '\012\0' '%') in
+ *%PAR\.pm%) continue ;;
+ Caml1999X0[0-9][0-9]) continue ;;
esac
echo " ${exe}";
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 604 bytes
Desc: OpenPGP digital signature
URL: <http://cygwin.com/pipermail/cygwin-apps/attachments/20161216/1586b41e/attachment.sig>
More information about the Cygwin-apps
mailing list