[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: maintainer-makefile: quoting
From: |
Jim Meyering |
Subject: |
Re: maintainer-makefile: quoting |
Date: |
Tue, 07 Aug 2012 08:45:34 +0200 |
Simon Josefsson wrote:
> I got this error from syntax-check:
>
> address@hidden:~/src/libidn$ make sc_vulnerable_makefile_CVE-2012-3386
> vulnerable_makefile_CVE-2012-3386
> /bin/sh: 2: Syntax error: "(" unexpected
> make: *** [sc_vulnerable_makefile_CVE-2012-3386] Fel 2
> address@hidden:~/src/libidn$
>
> The patch below appears to fix it. This is on a system with dash as
> /bin/sh. Thoughts?
Hi Simon,
Thanks for dealing with this.
> +2012-08-07 Simon Josefsson <address@hidden>
> +
> + * top/maint.mk (sc_vulnerable_makefile_CVE-2009-4029): Quote arguments.
> + (sc_vulnerable_makefile_CVE-2012-3386): Likewise.
...
> +++ b/top/maint.mk
> @@ -1222,7 +1222,7 @@ sc_prohibit_path_max_allocation:
>
> sc_vulnerable_makefile_CVE-2009-4029:
> @prohibit='perm -777 -exec chmod a\+rwx|chmod 777 \$$\(distdir\)' \
> - in_files=(^\|/)Makefile\\.in$$ \
> + in_files='(^\|/)Makefile\\.in$$' \
Adding quotes is the solution, but you must then remove
one layer of backslash quoting:
diff --git a/top/maint.mk b/top/maint.mk
index f42c199..a2b0b8d 100644
--- a/top/maint.mk
+++ b/top/maint.mk
@@ -1222,7 +1222,7 @@ sc_prohibit_path_max_allocation:
sc_vulnerable_makefile_CVE-2009-4029:
@prohibit='perm -777 -exec chmod a\+rwx|chmod 777 \$$\(distdir\)' \
- in_files=(^\|/)Makefile\\.in$$ \
+ in_files='(^|/)Makefile\.in$$' \
halt=$$(printf '%s\n' \
'the above files are vulnerable; beware of running' \
' "make dist*" rules, and upgrade to fixed automake' \
@@ -1231,7 +1231,7 @@ sc_vulnerable_makefile_CVE-2009-4029:
sc_vulnerable_makefile_CVE-2012-3386:
@prohibit='chmod a\+w \$$\(distdir\)' \
- in_files=(^\|/)Makefile\\.in$$ \
+ in_files='(^|/)Makefile\.in$$' \
halt=$$(printf '%s\n' \
'the above files are vulnerable; beware of running' \
' "make distcheck", and upgrade to fixed automake' \