[gentoo-commits] proj/portage:master commit in: bin/ebuild-helpers/unprivileged/, bin/ebuild-helpers/xattr/, bin/ebuild-helpers/, ... - gentoo-commits

From:	Zac Medico <zmedico@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/portage:master commit in: bin/ebuild-helpers/unprivileged/, bin/ebuild-helpers/xattr/, bin/ebuild-helpers/, ...
Date:	Tue, 28 Apr 2015 23:36:30
Message-Id:	`1430263853.b891bf13e47694eb1d36a34efb03d21c4b382669.zmedico@gentoo`

1

commit:     b891bf13e47694eb1d36a34efb03d21c4b382669

2

Author:     Zac Medico <zmedico <AT> gentoo <DOT> org>

3

AuthorDate: Mon Apr 27 20:26:35 2015 +0000

4

Commit:     Zac Medico <zmedico <AT> gentoo <DOT> org>

5

CommitDate: Tue Apr 28 23:30:53 2015 +0000

6

URL:        https://gitweb.gentoo.org/proj/portage.git/commit/?id=b891bf13

7

8

ebuild-helpers: avoid exec loops or fork bombs in wrappers (bug 547086)

9

10

Since commit 130c01b9e561dd6ff7733a4905b21a0a921e9a22, extra portage

11

paths in PATH could trigger exec loops or fork bombs in wrappers.

12

13

Fixes: 130c01b9e561 ("_doebuild_path: add fallback for temp PORTAGE_BIN_PATH (bug 547086)")

14

X-Gentoo-Bug: 547086

15

X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=547086

16

Acked-by: Brian Dolbec <dolsen <AT> gentoo.org>

17

18

 bin/ebuild-helpers/bsd/sed            |  4 +++-

19

 bin/ebuild-helpers/portageq           |  4 +++-

20

 bin/ebuild-helpers/unprivileged/chown |  4 +++-

21

 bin/ebuild-helpers/xattr/install      | 14 +++++++++++++-

22

 4 files changed, 22 insertions(+), 4 deletions(-)

23

24

diff --git a/bin/ebuild-helpers/bsd/sed b/bin/ebuild-helpers/bsd/sed

25

index 01b8847..9a7f2d4 100755

26

--- a/bin/ebuild-helpers/bsd/sed

27

+++ b/bin/ebuild-helpers/bsd/sed

28

@@ -1,5 +1,5 @@

29

 #!/bin/bash

30

-# Copyright 2007-2012 Gentoo Foundation

31

+# Copyright 2007-2015 Gentoo Foundation

32

 # Distributed under the terms of the GNU General Public License v2

33

34

 scriptpath=${BASH_SOURCE[0]}

35

@@ -15,6 +15,8 @@ else

36

37

 	for path in $PATH; do

38

 		if [[ -x ${path}/${scriptname} ]]; then

39

+			[[ ${path} == ${PORTAGE_OVERRIDE_EPREFIX}/usr/lib*/portage/* ]] && continue

40

+			[[ ${path} == */._portage_reinstall_.* ]] && continue

41

 			[[ ${path}/${scriptname} -ef ${scriptpath} ]] && continue

42

 			exec "${path}/${scriptname}" "$@"

43

 			exit 0

44

45

diff --git a/bin/ebuild-helpers/portageq b/bin/ebuild-helpers/portageq

46

index 4151bac..ba889eb 100755

47

--- a/bin/ebuild-helpers/portageq

48

+++ b/bin/ebuild-helpers/portageq

49

@@ -1,5 +1,5 @@

50

 #!/bin/bash

51

-# Copyright 2009-2013 Gentoo Foundation

52

+# Copyright 2009-2015 Gentoo Foundation

53

 # Distributed under the terms of the GNU General Public License v2

54

55

 scriptpath=${BASH_SOURCE[0]}

56

@@ -15,6 +15,8 @@ set -f # in case ${PATH} contains any shell glob characters

57

58

 for path in ${PATH}; do

59

 	[[ -x ${path}/${scriptname} ]] || continue

60

+	[[ ${path} == ${PORTAGE_OVERRIDE_EPREFIX}/usr/lib*/portage/* ]] && continue

61

+	[[ ${path} == */._portage_reinstall_.* ]] && continue

62

 	[[ ${path}/${scriptname} -ef ${scriptpath} ]] && continue

63

 	PYTHONPATH=${PORTAGE_PYTHONPATH:-${PORTAGE_PYM_PATH}} \

64

 		exec "${PORTAGE_PYTHON:-/usr/bin/python}" \

65

66

diff --git a/bin/ebuild-helpers/unprivileged/chown b/bin/ebuild-helpers/unprivileged/chown

67

index 08fa650..2f1f161 100755

68

--- a/bin/ebuild-helpers/unprivileged/chown

69

+++ b/bin/ebuild-helpers/unprivileged/chown

70

@@ -1,5 +1,5 @@

71

 #!/bin/bash

72

-# Copyright 2012-2013 Gentoo Foundation

73

+# Copyright 2012-2015 Gentoo Foundation

74

 # Distributed under the terms of the GNU General Public License v2

75

76

 scriptpath=${BASH_SOURCE[0]}

77

@@ -9,6 +9,8 @@ IFS=':'

78

79

 for path in ${PATH}; do

80

 	[[ -x ${path}/${scriptname} ]] || continue

81

+	[[ ${path} == ${PORTAGE_OVERRIDE_EPREFIX}/usr/lib*/portage/* ]] && continue

82

+	[[ ${path} == */._portage_reinstall_.* ]] && continue

83

 	[[ ${path}/${scriptname} -ef ${scriptpath} ]] && continue

84

 	IFS=$' \t\n'

85

 	output=$("${path}/${scriptname}" "$@" 2>&1)

86

87

diff --git a/bin/ebuild-helpers/xattr/install b/bin/ebuild-helpers/xattr/install

88

index d572fe6..2d2a693 100755

89

--- a/bin/ebuild-helpers/xattr/install

90

+++ b/bin/ebuild-helpers/xattr/install

91

@@ -1,5 +1,5 @@

92

 #!/bin/bash

93

-# Copyright 2013 Gentoo Foundation

94

+# Copyright 2013-2015 Gentoo Foundation

95

 # Distributed under the terms of the GNU General Public License v2

96

97

 PORTAGE_BIN_PATH=${PORTAGE_BIN_PATH:-/usr/lib/portage/bin}

98

@@ -24,6 +24,18 @@ else

99

fi

100

fi

101

102

+# Filter internal portage paths from PATH, in order to avoid

103

+# a possible exec loop or fork bomb (see bug 547086).

104

+IFS=':'

105

+set -f

106

+path=

107

+for x in ${PATH}; do

108

+	[[ ${x} == ${PORTAGE_OVERRIDE_EPREFIX}/usr/lib*/portage/* ]] && continue

109

+	[[ ${x} == */._portage_reinstall_.* ]] && continue

110

+	path+=":${x}"

111

+done

112

+PATH=${path#:}

113

+

114

 if [[ "${implementation}" == "c" ]]; then

115

 	exec "${INSTALL_XATTR}" "$@"

116

 elif [[ "${implementation}" == "python" ]]; then

1	commit: b891bf13e47694eb1d36a34efb03d21c4b382669
2	Author: Zac Medico <zmedico <AT> gentoo <DOT> org>
3	AuthorDate: Mon Apr 27 20:26:35 2015 +0000
4	Commit: Zac Medico <zmedico <AT> gentoo <DOT> org>
5	CommitDate: Tue Apr 28 23:30:53 2015 +0000
6	URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=b891bf13
7
8	ebuild-helpers: avoid exec loops or fork bombs in wrappers (bug 547086)
9
10	Since commit 130c01b9e561dd6ff7733a4905b21a0a921e9a22, extra portage
11	paths in PATH could trigger exec loops or fork bombs in wrappers.
12
13	Fixes: 130c01b9e561 ("_doebuild_path: add fallback for temp PORTAGE_BIN_PATH (bug 547086)")
14	X-Gentoo-Bug: 547086
15	X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=547086
16	Acked-by: Brian Dolbec <dolsen <AT> gentoo.org>
17
18	bin/ebuild-helpers/bsd/sed \| 4 +++-
19	bin/ebuild-helpers/portageq \| 4 +++-
20	bin/ebuild-helpers/unprivileged/chown \| 4 +++-
21	bin/ebuild-helpers/xattr/install \| 14 +++++++++++++-
22	4 files changed, 22 insertions(+), 4 deletions(-)
23
24	diff --git a/bin/ebuild-helpers/bsd/sed b/bin/ebuild-helpers/bsd/sed
25	index 01b8847..9a7f2d4 100755
26	--- a/bin/ebuild-helpers/bsd/sed
27	+++ b/bin/ebuild-helpers/bsd/sed
28	@@ -1,5 +1,5 @@
29	#!/bin/bash
30	-# Copyright 2007-2012 Gentoo Foundation
31	+# Copyright 2007-2015 Gentoo Foundation
32	# Distributed under the terms of the GNU General Public License v2
33
34	scriptpath=${BASH_SOURCE[0]}
35	@@ -15,6 +15,8 @@ else
36
37	for path in $PATH; do
38	if [[ -x ${path}/${scriptname} ]]; then
39	+ [[ ${path} == ${PORTAGE_OVERRIDE_EPREFIX}/usr/lib/portage/ ]] && continue
40	+ [[ ${path} == /._portage_reinstall_. ]] && continue
41	[[ ${path}/${scriptname} -ef ${scriptpath} ]] && continue
42	exec "${path}/${scriptname}" "$@"
43	exit 0
44
45	diff --git a/bin/ebuild-helpers/portageq b/bin/ebuild-helpers/portageq
46	index 4151bac..ba889eb 100755
47	--- a/bin/ebuild-helpers/portageq
48	+++ b/bin/ebuild-helpers/portageq
49	@@ -1,5 +1,5 @@
50	#!/bin/bash
51	-# Copyright 2009-2013 Gentoo Foundation
52	+# Copyright 2009-2015 Gentoo Foundation
53	# Distributed under the terms of the GNU General Public License v2
54
55	scriptpath=${BASH_SOURCE[0]}
56	@@ -15,6 +15,8 @@ set -f # in case ${PATH} contains any shell glob characters
57
58	for path in ${PATH}; do
59	[[ -x ${path}/${scriptname} ]] \|\| continue
60	+ [[ ${path} == ${PORTAGE_OVERRIDE_EPREFIX}/usr/lib/portage/ ]] && continue
61	+ [[ ${path} == /._portage_reinstall_. ]] && continue
62	[[ ${path}/${scriptname} -ef ${scriptpath} ]] && continue
63	PYTHONPATH=${PORTAGE_PYTHONPATH:-${PORTAGE_PYM_PATH}} \
64	exec "${PORTAGE_PYTHON:-/usr/bin/python}" \
65
66	diff --git a/bin/ebuild-helpers/unprivileged/chown b/bin/ebuild-helpers/unprivileged/chown
67	index 08fa650..2f1f161 100755
68	--- a/bin/ebuild-helpers/unprivileged/chown
69	+++ b/bin/ebuild-helpers/unprivileged/chown
70	@@ -1,5 +1,5 @@
71	#!/bin/bash
72	-# Copyright 2012-2013 Gentoo Foundation
73	+# Copyright 2012-2015 Gentoo Foundation
74	# Distributed under the terms of the GNU General Public License v2
75
76	scriptpath=${BASH_SOURCE[0]}
77	@@ -9,6 +9,8 @@ IFS=':'
78
79	for path in ${PATH}; do
80	[[ -x ${path}/${scriptname} ]] \|\| continue
81	+ [[ ${path} == ${PORTAGE_OVERRIDE_EPREFIX}/usr/lib/portage/ ]] && continue
82	+ [[ ${path} == /._portage_reinstall_. ]] && continue
83	[[ ${path}/${scriptname} -ef ${scriptpath} ]] && continue
84	IFS=$' \t\n'
85	output=$("${path}/${scriptname}" "$@" 2>&1)
86
87	diff --git a/bin/ebuild-helpers/xattr/install b/bin/ebuild-helpers/xattr/install
88	index d572fe6..2d2a693 100755
89	--- a/bin/ebuild-helpers/xattr/install
90	+++ b/bin/ebuild-helpers/xattr/install
91	@@ -1,5 +1,5 @@
92	#!/bin/bash
93	-# Copyright 2013 Gentoo Foundation
94	+# Copyright 2013-2015 Gentoo Foundation
95	# Distributed under the terms of the GNU General Public License v2
96
97	PORTAGE_BIN_PATH=${PORTAGE_BIN_PATH:-/usr/lib/portage/bin}
98	@@ -24,6 +24,18 @@ else
99	fi
100	fi
101
102	+# Filter internal portage paths from PATH, in order to avoid
103	+# a possible exec loop or fork bomb (see bug 547086).
104	+IFS=':'
105	+set -f
106	+path=
107	+for x in ${PATH}; do
108	+ [[ ${x} == ${PORTAGE_OVERRIDE_EPREFIX}/usr/lib/portage/ ]] && continue
109	+ [[ ${x} == /._portage_reinstall_. ]] && continue
110	+ path+=":${x}"
111	+done
112	+PATH=${path#:}
113	+
114	if [[ "${implementation}" == "c" ]]; then
115	exec "${INSTALL_XATTR}" "$@"
116	elif [[ "${implementation}" == "python" ]]; then

Gentoo Archives: gentoo-commits