Properly validate repository descriptors.
Repository descriptors (*.repo files) weren't properly validated on load. This could lead to unexpected problems whenever a wrong descriptor is found. This patch replaces the original two-line loader with a proper parsing function which also performs some sanity checks. While at it, stop using the magic number '7' as the number of fields in a repository record -- use a variable instead. Signed-off-by: Mauro Giachero <mauro.giachero@gmail.com>
parent
a5b7b85b4d
commit
39ce2083f4
2 changed files with 65 additions and 8 deletions
|
@ -13,7 +13,7 @@ is compound of the following seven fields:
|
||||||
|
|
||||||
1. REPOSITORY (a _short_ name identifying the repository)
|
1. REPOSITORY (a _short_ name identifying the repository)
|
||||||
2. BRANCH (a _short_ name identifying the branch of that repository)
|
2. BRANCH (a _short_ name identifying the branch of that repository)
|
||||||
3. DESCRIPTION (a <50 chars description, which _must_be_double_quoted_)
|
3. DESCRIPTION (a <50 chars description, which _must_be_quoted_)
|
||||||
4. TAG (the packages' tag)
|
4. TAG (the packages' tag)
|
||||||
5. TOOL (rsync, git or "", is the tool able to check out the repository/branch)
|
5. TOOL (rsync, git or "", is the tool able to check out the repository/branch)
|
||||||
6. LINK (the tool-dependent link to the branch)
|
6. LINK (the tool-dependent link to the branch)
|
||||||
|
@ -35,5 +35,5 @@ still be present). CHECKGPG format can be "GPG" if the repo supports GPG
|
||||||
checking, or "" (which also must be present) if the repo does not support GPG
|
checking, or "" (which also must be present) if the repo does not support GPG
|
||||||
checks.
|
checks.
|
||||||
|
|
||||||
Lines _containing_ # are ignored when parsing the files. Lines containing a
|
Lines _containing_ # are ignored when parsing the files. Lines containing
|
||||||
single quote (') or backslashes (\) are not allowed.
|
backslashes (\) are not allowed.
|
||||||
|
|
|
@ -181,13 +181,68 @@ EOF
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Load the repositories data
|
# Load the repositories data
|
||||||
eval REPOSITORIES=( $(cat $SBOPKG_REPOS_D/*.repo | grep -v '#' |
|
load_repositories || exit 1
|
||||||
sed 's:":\\":g' | xargs echo) )
|
|
||||||
|
|
||||||
# Check for ncurses
|
# Check for ncurses
|
||||||
[[ -x /usr/bin/tput ]] && HAS_NCURSES=1
|
[[ -x /usr/bin/tput ]] && HAS_NCURSES=1
|
||||||
}
|
}
|
||||||
|
|
||||||
|
load_repositories() {
|
||||||
|
# Fill the REPOSITORIES array with the data from the .repo files
|
||||||
|
|
||||||
|
local FILE LINE i
|
||||||
|
local TMPARRAY
|
||||||
|
local ERROR
|
||||||
|
|
||||||
|
for FILE in $SBOPKG_REPOS_D/*.repo; do
|
||||||
|
# Reading from $FILE...
|
||||||
|
while read LINE; do
|
||||||
|
grep -q '#' <<< "$LINE" && continue
|
||||||
|
eval TMPARRAY=( "$LINE" )
|
||||||
|
[[ ${#TMPARRAY[@]} -eq 0 ]] && continue;
|
||||||
|
# Sanity checks
|
||||||
|
[[ ! ${TMPARRAY[6]} =~ '^GPG$|^$' ]] && ERROR="gpg"
|
||||||
|
[[ ! ${TMPARRAY[4]} =~ '^rsync$|^git$|^$' ]] && ERROR="tool"
|
||||||
|
[[ ${#TMPARRAY[@]} -ne $REPOS_FIELDS ]] && ERROR="fields"
|
||||||
|
[[ -n $ERROR ]] && break 2
|
||||||
|
# Add the record to REPOSITORIES
|
||||||
|
for i in ${!TMPARRAY[@]}; do
|
||||||
|
REPOSITORIES[${#REPOSITORIES[@]}]="${TMPARRAY[$i]}"
|
||||||
|
done
|
||||||
|
done < $FILE
|
||||||
|
done
|
||||||
|
|
||||||
|
if [[ -n $ERROR ]]; then
|
||||||
|
cat <<EOF
|
||||||
|
ERROR
|
||||||
|
$SCRIPT: Invalid repository descriptor
|
||||||
|
|
||||||
|
Line
|
||||||
|
$LINE
|
||||||
|
of
|
||||||
|
$FILE
|
||||||
|
EOF
|
||||||
|
|
||||||
|
case $ERROR in
|
||||||
|
'fields' )
|
||||||
|
crunch_fmt "doesn't contain the right number of fields\
|
||||||
|
($REPOS_FIELDS)."
|
||||||
|
;;
|
||||||
|
'tool' )
|
||||||
|
crunch_fmt "specifies an unknown fetching tool\
|
||||||
|
(${TMPARRAY[4]})."
|
||||||
|
;;
|
||||||
|
'gpg' )
|
||||||
|
crunch_fmt "specifies an unknown signature checker\
|
||||||
|
(${TMPARRAY[6]})."
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
ck_dir() {
|
ck_dir() {
|
||||||
# This function displays the directory-creation message and then creates
|
# This function displays the directory-creation message and then creates
|
||||||
# the missing directory.
|
# the missing directory.
|
||||||
|
@ -867,7 +922,7 @@ set_repo_vars() {
|
||||||
# Make sure we don't return old values with an invalid input
|
# Make sure we don't return old values with an invalid input
|
||||||
unset REPO_DESC REPO_TAG REPO_TOOL REPO_LINK REPO_DIR REPO_GPG
|
unset REPO_DESC REPO_TAG REPO_TOOL REPO_LINK REPO_DIR REPO_GPG
|
||||||
|
|
||||||
for ((i=0; i<${#REPOSITORIES[@]}; i+=7)); do
|
for ((i=0; i<${#REPOSITORIES[@]}; i+=$REPOS_FIELDS)); do
|
||||||
if [[ ( ${REPOSITORIES[$i]} = $REPO_NAME || $REPO_NAME = "" ) &&
|
if [[ ( ${REPOSITORIES[$i]} = $REPO_NAME || $REPO_NAME = "" ) &&
|
||||||
${REPOSITORIES[$((i + 1))]} = $REPO_BRANCH ]]; then
|
${REPOSITORIES[$((i + 1))]} = $REPO_BRANCH ]]; then
|
||||||
REPO_NAME=${REPOSITORIES[i]}
|
REPO_NAME=${REPOSITORIES[i]}
|
||||||
|
@ -901,7 +956,7 @@ select_repository() {
|
||||||
like to change it, please select another repository below or \
|
like to change it, please select another repository below or \
|
||||||
press <Back> to go back.")"' 17 60 7 \
|
press <Back> to go back.")"' 17 60 7 \
|
||||||
$(
|
$(
|
||||||
for ((i=0; i<${#REPOSITORIES[@]}; i+=7)); do
|
for ((i=0; i<${#REPOSITORIES[@]}; i+=$REPOS_FIELDS)); do
|
||||||
echo \"${REPOSITORIES[$((i+1))]} \(${REPOSITORIES[$i]}\)\"
|
echo \"${REPOSITORIES[$((i+1))]} \(${REPOSITORIES[$i]}\)\"
|
||||||
echo \"${REPOSITORIES[$((i+2))]}\"
|
echo \"${REPOSITORIES[$((i+2))]}\"
|
||||||
done
|
done
|
||||||
|
@ -3955,6 +4010,7 @@ unset BUILDOPTIONS # TODO
|
||||||
# SBOPKG_CONF # Configuration file
|
# SBOPKG_CONF # Configuration file
|
||||||
# REPO_ROOT # Directory containing all repository mirrors
|
# REPO_ROOT # Directory containing all repository mirrors
|
||||||
unset HAS_NCURSES # Set if the ncurses package is installed
|
unset HAS_NCURSES # Set if the ncurses package is installed
|
||||||
|
unset REPOS_FIELDS # Number of fields for each repository entry
|
||||||
unset REPO_NAME # Currently active repository (e.g. SBo)
|
unset REPO_NAME # Currently active repository (e.g. SBo)
|
||||||
unset REPO_BRANCH # Currently active branch (e.g. 13.0)
|
unset REPO_BRANCH # Currently active branch (e.g. 13.0)
|
||||||
unset REPO_DESC # Active branch's description
|
unset REPO_DESC # Active branch's description
|
||||||
|
@ -3980,6 +4036,7 @@ REV="$Revision$"
|
||||||
SBOVER=svn_r$(cut -d' ' -f2 <<< "$REV")
|
SBOVER=svn_r$(cut -d' ' -f2 <<< "$REV")
|
||||||
DIAG=1
|
DIAG=1
|
||||||
ON_ERROR=ask
|
ON_ERROR=ask
|
||||||
|
REPOS_FIELDS=7
|
||||||
|
|
||||||
# Make sure we are root.
|
# Make sure we are root.
|
||||||
if [[ $(id -u) != 0 ]]; then
|
if [[ $(id -u) != 0 ]]; then
|
||||||
|
@ -4149,7 +4206,7 @@ set_repo_vars
|
||||||
if [[ $? -ne 0 ]] ; then
|
if [[ $? -ne 0 ]] ; then
|
||||||
echo "Unknown repository name -- \"$CUSTOMVER\"" >&2
|
echo "Unknown repository name -- \"$CUSTOMVER\"" >&2
|
||||||
echo "Valid options are:" >&2
|
echo "Valid options are:" >&2
|
||||||
for ((i=0; i<${#REPOSITORIES[@]}; i+=7)); do
|
for ((i=0; i<${#REPOSITORIES[@]}; i+=$REPOS_FIELDS)); do
|
||||||
echo -en "${REPOSITORIES[$i]}/${REPOSITORIES[(($i + 1))]}\\t" >&2
|
echo -en "${REPOSITORIES[$i]}/${REPOSITORIES[(($i + 1))]}\\t" >&2
|
||||||
echo "(${REPOSITORIES[(($i + 2))]})" >&2
|
echo "(${REPOSITORIES[(($i + 2))]})" >&2
|
||||||
done
|
done
|
||||||
|
|
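Review bot: `eval TMPARRAY=( "$LINE" )` in load_repositories hands every non-comment line of a *.repo file to the shell before any of the sanity checks run, so a command substitution or an unbalanced parenthesis in a descriptor is executed with the script's privileges, and the script checks for root further down. The documentation changed in this same commit says backslashes are not allowed, yet nothing in the loader enforces that, and `read` without `-r` consumes them before they could be seen. I would read with `read -r` and reject lines containing shell metacharacters before the eval, with a matching arm in the error `case`; the character set below is a suggestion and should be checked against the LINK values actually in use. Separately, the quoted right-hand sides of `=~` are matched as literal strings on bash 3.2 and later, so the GPG and TOOL checks would probably reject every record there; this is worth confirming against the target bash version.

```shell
        while read -r LINE; do
            # Refuse shell metacharacters before the line reaches eval.
            case $LINE in
                *[\$\`\\\;\&\|\<\>\(\)]* )
                    ERROR="syntax"
                    break 2
                    ;;
            esac
            eval TMPARRAY=( "$LINE" )
            # … unchanged: sanity checks, append to REPOSITORIES, end of loops …
        case $ERROR in
            'syntax' )
                crunch_fmt "contains characters that are not allowed in a\
                    repository descriptor."
                ;;
            # … unchanged: 'fields', 'tool' and 'gpg' arms …
```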