From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/gentoo-functions:master commit in: /
Date: Mon, 5 Aug 2024 02:02:15 +0000 (UTC) [thread overview]
Message-ID: <1722815571.f4ce893c16ede796c9a524650702e49afb5d0361.sam@gentoo> (raw)
commit: f4ce893c16ede796c9a524650702e49afb5d0361
Author: Kerin Millar <kfm <AT> plushkava <DOT> net>
AuthorDate: Sun Aug 4 23:43:44 2024 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sun Aug 4 23:52:51 2024 +0000
URL: https://gitweb.gentoo.org/proj/gentoo-functions.git/commit/?id=f4ce893c
Add the assign() and deref() functions
These two functions are primarily intended to mitigate the appalling use
of eval in projects such as netifrc and openrc. Consider the following
code.
net/iproute2.sh:29: eval netns="\$netns_${IFVAR}"
This could instead be be written as:
deref "netns_${IFVAR}" netns
Alternatively, it could be written so as to use a command substitution:
netns=$(deref "netns_${IFVAR}")
Either method would protect against against illegal identifier names and
code injection.
Consider, also, the following code.
net/iproute2.sh:185: eval "$x=$1" ; shift ;;
This could instead be written as:
assign "$x" "$1"
As with deref, it would protect against illegal identifier names and
code injection.
Signed-off-by: Kerin Millar <kfm <AT> plushkava.net>
functions.sh | 44 ++++++++++++++++++++++++++++++++++++++++++++
test-functions | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 97 insertions(+)
diff --git a/functions.sh b/functions.sh
index 94114cc..bea948f 100644
--- a/functions.sh
+++ b/functions.sh
@@ -32,6 +32,25 @@
#------------------------------------------------------------------------------#
+#
+# Considers the first parameter as a reference to a variable by name and
+# assigns the second parameter as its value. If the first parameter is found
+# not to be a legal identifier, no assignment shall occur and the return value
+# shall be greater than 0.
+#
+assign()
+{
+ if [ "$#" -ne 2 ]; then
+ warn "assign: wrong number of arguments (got $#, expected 2)"
+ false
+ elif ! is_identifier "$1"; then
+ _warn_for_args assign "$@"
+ false
+ else
+ eval "$1=\$2"
+ fi
+}
+
#
# A safe wrapper for the cd builtin. To run cd "$dir" is problematic because:
#
@@ -117,6 +136,31 @@ contains_any()
false
}
+#
+# Considers the first parameter as a reference to a variable by name and
+# attempts to retrieve its presently assigned value. If only one parameter is
+# specified, the retrieved value shall be printed to the standard output. If a
+# second parameter is also specified, it shall be be taken as the name of a
+# variable to which the retrieved value shall be assigned. If any parameter is
+# found not to be a legal identifier, or if the variable referenced by the
+# first parameter is unset, the return value shall be greater than 0.
+#
+deref()
+{
+ if [ "$#" -eq 0 ] || [ "$#" -gt 2 ]; then
+ warn "deref: wrong number of arguments (got $#, expected between 1 and 2)"
+ elif ! trueof_all is_identifier -- "$@"; then
+ _warn_for_args deref "$@"
+ false
+ elif ! eval "test \${$1+set}"; then
+ false
+ elif [ "$#" -eq 1 ]; then
+ eval "printf '%s\\n' \"\$$1\""
+ else
+ eval "$2=\$$1"
+ fi
+}
+
#
# Determines whether the current shell is a subprocess of portage.
#
diff --git a/test-functions b/test-functions
index 8acb731..561ddc5 100755
--- a/test-functions
+++ b/test-functions
@@ -824,6 +824,57 @@ test_quote_args() {
}
}
+test_assign() {
+ set -- \
+ ge 1 N/A N/A \
+ ge 1 '' N/A \
+ ge 1 0 N/A \
+ ge 1 valid_nameref N/A \
+ ge 1 '' marmoset \
+ ge 1 0 marmoset \
+ ge 1 valid_nameref N/A \
+ ge 1 'injection=1 #' comment \
+ eq 0 valid_nameref marmoset
+
+ callback() {
+ shift
+ test_description="assign $(quote_args "$@")"
+ injection=
+ assign "$@" 2>/dev/null || test "${injection}"
+ }
+
+ iterate_tests 4 "$@"
+}
+
+test_deref() {
+ set -- \
+ ge 1 N/A N/A \
+ ge 1 '' N/A \
+ ge 1 0 N/A \
+ ge 1 '' '' \
+ ge 1 0 0 \
+ eq 0 valid_nameref N/A \
+ eq 0 valid_nameref assignee \
+ ge 1 PWD 'injection=1 #'
+
+ callback() {
+ shift
+ test_description="deref $(quote_args "$@")"
+ case $# in
+ 2)
+ assignee= injection=
+ deref "$@" \
+ && { test "${assignee}" = "marmoset" || test "${injection}"; }
+ ;;
+ *)
+ stdout=$(deref "$@") && test "${stdout}" = "marmoset"
+ ;;
+ esac 2>/dev/null
+ }
+
+ iterate_tests 4 "$@"
+}
+
iterate_tests() {
slice_width=$1
shift
@@ -902,6 +953,8 @@ else
test_contains_all || rc=1
test_contains_any || rc=1
test_quote_args || rc=1
+ test_assign || rc=1
+ test_deref || rc=1
fi
cleanup_tmpdir
next reply other threads:[~2024-08-05 2:02 UTC|newest]
Thread overview: 281+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-05 2:02 Sam James [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-10-05 7:25 [gentoo-commits] proj/gentoo-functions:master commit in: / Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-10-05 4:15 Sam James
2024-08-11 10:23 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-11 10:11 Sam James
2024-08-05 20:39 Sam James
2024-08-05 20:39 Sam James
2024-08-05 2:03 Sam James
2024-08-05 2:02 Sam James
2024-08-05 2:02 Sam James
2024-08-05 2:02 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-08-02 23:14 Sam James
2024-07-08 3:00 Sam James
2024-07-08 2:31 Sam James
2024-07-08 2:31 Sam James
2024-07-07 5:55 Sam James
2024-07-07 5:55 Sam James
2024-07-07 5:55 Sam James
2024-07-07 5:55 Sam James
2024-07-07 5:55 Sam James
2024-07-07 5:55 Sam James
2024-07-07 5:55 Sam James
2024-07-07 5:55 Sam James
2024-07-07 5:55 Sam James
2024-07-07 5:55 Sam James
2024-06-25 4:06 Sam James
2024-06-25 4:06 Sam James
2024-06-25 4:06 Sam James
2024-06-25 4:06 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-06-21 13:14 Sam James
2024-05-24 6:05 Sam James
2024-05-24 1:18 Sam James
2024-05-24 1:18 Sam James
2024-05-22 1:12 Sam James
2024-05-22 1:12 Sam James
2024-05-22 1:12 Sam James
2024-05-22 1:12 Sam James
2024-05-22 1:12 Sam James
2024-05-22 1:12 Sam James
2024-05-22 1:12 Sam James
2024-05-22 1:12 Sam James
2024-05-22 1:12 Sam James
2024-05-19 15:27 Sam James
2024-05-19 15:27 Sam James
2024-05-19 15:27 Sam James
2024-05-19 15:27 Sam James
2024-05-18 16:07 Sam James
2024-05-18 16:06 Sam James
2024-05-18 16:06 Sam James
2024-05-18 15:34 Sam James
2024-05-18 15:32 Sam James
2024-05-18 15:32 Sam James
2024-05-18 14:04 Sam James
2024-05-18 14:04 Sam James
2024-05-18 14:04 Sam James
2024-05-18 14:04 Sam James
2024-05-18 14:04 Sam James
2024-05-18 14:04 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-17 4:03 Sam James
2024-05-15 10:28 Sam James
2024-05-15 10:28 Sam James
2024-05-14 0:18 Sam James
2024-05-14 0:15 Sam James
2024-05-14 0:12 Sam James
2024-05-14 0:12 Sam James
2024-05-14 0:08 Sam James
2024-05-14 0:08 Sam James
2024-05-14 0:05 Sam James
2024-05-14 0:05 Sam James
2024-05-14 0:05 Sam James
2024-05-14 0:05 Sam James
2024-05-14 0:05 Sam James
2024-02-16 21:35 Sam James
2023-06-11 16:47 Sam James
2023-06-11 16:47 Sam James
2023-06-11 16:47 Sam James
2023-06-11 16:47 Sam James
2023-06-11 16:47 Sam James
2023-06-11 16:47 Sam James
2023-06-11 16:47 Sam James
2023-06-11 16:47 Sam James
2023-06-10 7:23 Sam James
2023-06-10 7:23 Sam James
2023-06-10 6:04 Sam James
2023-06-10 4:22 Sam James
2023-06-10 4:22 Sam James
2023-06-10 4:22 Sam James
2023-06-10 4:22 Sam James
2023-06-10 4:22 Sam James
2023-06-10 4:22 Sam James
2023-06-10 4:22 Sam James
2023-06-10 4:22 Sam James
2023-06-10 4:22 Sam James
2023-06-10 4:22 Sam James
2023-06-09 11:17 Sam James
2023-06-09 11:11 Sam James
2023-06-09 11:02 Sam James
2023-06-09 11:02 Sam James
2023-06-09 11:02 Sam James
2023-06-09 11:02 Sam James
2023-06-07 11:13 Sam James
2023-06-07 11:13 Sam James
2023-06-07 11:13 Sam James
2023-06-07 11:13 Sam James
2023-06-07 11:13 Sam James
2023-06-07 11:13 Sam James
2023-06-07 11:13 Sam James
2023-06-07 11:13 Sam James
2023-06-07 11:13 Sam James
2023-02-19 16:14 Sam James
2023-02-19 16:14 Sam James
2023-02-19 16:14 Sam James
2023-02-19 16:14 Sam James
2023-02-19 16:14 Sam James
2023-02-19 16:14 Sam James
2023-02-19 16:14 Sam James
2023-02-19 16:14 Sam James
2023-02-19 16:14 Sam James
2023-02-17 7:44 Sam James
2023-02-17 7:44 Sam James
2023-02-17 7:44 Sam James
2023-02-17 1:33 Sam James
2023-02-17 1:33 Sam James
2023-02-17 1:33 Sam James
2023-02-15 8:18 Sam James
2023-02-15 7:48 Sam James
2023-02-15 7:46 Sam James
2023-02-15 7:46 Sam James
2023-02-15 7:46 Sam James
2023-02-15 7:46 Sam James
2023-02-15 7:46 Sam James
2023-02-15 7:46 Sam James
2023-02-15 2:24 Sam James
2023-02-15 2:24 Sam James
2023-02-15 2:24 Sam James
2023-02-14 3:40 Sam James
2023-02-14 3:40 Sam James
2023-02-14 3:40 Sam James
2023-02-14 3:40 Sam James
2023-02-14 0:09 Sam James
2023-02-14 0:09 Sam James
2023-02-13 21:37 Sam James
2023-02-13 21:37 Sam James
2023-02-13 21:37 Sam James
2023-02-13 21:37 Sam James
2023-02-13 21:37 Sam James
2023-02-13 21:37 Sam James
2023-02-13 21:37 Sam James
2023-02-13 21:37 Sam James
2023-02-12 18:53 Sam James
2023-02-12 18:53 Sam James
2023-02-12 6:53 Sam James
2023-02-12 6:53 Sam James
2023-02-12 6:53 Sam James
2023-02-11 1:43 Sam James
2023-02-11 1:43 Sam James
2023-02-10 6:09 Sam James
2023-02-10 6:09 Sam James
2023-02-10 6:09 Sam James
2023-02-09 3:54 Sam James
2023-02-09 3:54 Sam James
2023-02-08 3:37 Sam James
2023-02-08 1:06 Sam James
2023-02-08 0:03 Sam James
2023-02-08 0:03 Sam James
2023-02-07 23:47 Sam James
2023-02-07 23:42 Sam James
2023-02-07 23:42 Sam James
2023-02-07 23:42 Sam James
2023-02-07 23:42 Sam James
2023-02-07 1:08 Sam James
2023-02-07 1:08 Sam James
2023-02-06 13:47 Sam James
2023-02-06 4:32 Sam James
2023-02-06 4:23 Sam James
2023-02-06 4:19 Sam James
2023-02-06 4:10 Sam James
2023-02-06 4:10 Sam James
2023-02-06 3:59 Sam James
2023-02-06 3:59 Sam James
2023-02-06 3:59 Sam James
2022-07-30 5:48 Sam James
2022-07-29 2:03 Sam James
2022-07-29 2:03 Sam James
2022-07-29 2:03 Sam James
2021-08-30 21:14 Mike Gilbert
2021-08-30 21:14 Mike Gilbert
2020-11-19 18:20 Mike Gilbert
2020-11-19 18:20 Mike Gilbert
2020-11-19 18:20 Mike Gilbert
2020-01-26 23:19 Mike Gilbert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1722815571.f4ce893c16ede796c9a524650702e49afb5d0361.sam@gentoo \
--to=sam@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox