1 |
Replace the eval used to pass quoted password in with simpler and safer |
2 |
bash arrays. Using eval is strongly discouraged as it is error-prone |
3 |
and confusing. |
4 |
--- |
5 |
eclass/cvs.eclass | 28 ++++++++++++++-------------- |
6 |
1 file changed, 14 insertions(+), 14 deletions(-) |
7 |
|
8 |
diff --git a/eclass/cvs.eclass b/eclass/cvs.eclass |
9 |
index 58efcf1aa2b6..c6e5c66cd866 100644 |
10 |
--- a/eclass/cvs.eclass |
11 |
+++ b/eclass/cvs.eclass |
12 |
@@ -1,4 +1,4 @@ |
13 |
-# Copyright 1999-2015 Gentoo Foundation |
14 |
+# Copyright 1999-2017 Gentoo Foundation |
15 |
# Distributed under the terms of the GNU General Public License v2 |
16 |
# $Id$ |
17 |
|
18 |
@@ -353,22 +353,22 @@ cvs_fetch() { |
19 |
fi |
20 |
|
21 |
# Commands to run |
22 |
- cmdlogin="${run} ${ECVS_CVS_COMMAND} -d \"${cvsroot_pass}\" login" |
23 |
- cmdupdate="${run} ${ECVS_CVS_COMMAND} -d \"${cvsroot_nopass}\" update ${ECVS_UP_OPTS} ${ECVS_LOCALNAME}" |
24 |
- cmdcheckout="${run} ${ECVS_CVS_COMMAND} -d \"${cvsroot_nopass}\" checkout ${ECVS_CO_OPTS} ${ECVS_MODULE}" |
25 |
+ cmdlogin=( ${run} ${ECVS_CVS_COMMAND} -d "${cvsroot_pass}" login ) |
26 |
+ cmdupdate=( ${run} ${ECVS_CVS_COMMAND} -d "${cvsroot_nopass}" update ${ECVS_UP_OPTS} ${ECVS_LOCALNAME} ) |
27 |
+ cmdcheckout=( ${run} ${ECVS_CVS_COMMAND} -d "${cvsroot_nopass}" checkout ${ECVS_CO_OPTS} ${ECVS_MODULE} ) |
28 |
|
29 |
# Execute commands |
30 |
|
31 |
cd "${ECVS_TOP_DIR}" |
32 |
if [[ ${ECVS_AUTH} == "pserver" ]] ; then |
33 |
- einfo "Running ${cmdlogin}" |
34 |
- eval ${cmdlogin} || die "cvs login command failed" |
35 |
+ einfo "Running ${cmdlogin[*]}" |
36 |
+ "${cmdlogin[@]}" || die "cvs login command failed" |
37 |
if [[ ${mode} == "update" ]] ; then |
38 |
- einfo "Running ${cmdupdate}" |
39 |
- eval ${cmdupdate} || die "cvs update command failed" |
40 |
+ einfo "Running ${cmdupdate[*]}" |
41 |
+ "${cmdupdate[@]}" || die "cvs update command failed" |
42 |
elif [[ ${mode} == "checkout" ]] ; then |
43 |
- einfo "Running ${cmdcheckout}" |
44 |
- eval ${cmdcheckout} || die "cvs checkout command failed" |
45 |
+ einfo "Running ${cmdcheckout[*]}" |
46 |
+ "${cmdcheckout[@]}" || die "cvs checkout command failed" |
47 |
fi |
48 |
elif [[ ${ECVS_AUTH} == "ext" || ${ECVS_AUTH} == "no" ]] ; then |
49 |
# Hack to support SSH password authentication |
50 |
@@ -462,11 +462,11 @@ EOF |
51 |
fi |
52 |
|
53 |
if [[ ${mode} == "update" ]] ; then |
54 |
- einfo "Running ${cmdupdate}" |
55 |
- eval ${cmdupdate} || die "cvs update command failed" |
56 |
+ einfo "Running ${cmdupdate[*]}" |
57 |
+ "${cmdupdate[@]}" || die "cvs update command failed" |
58 |
elif [[ ${mode} == "checkout" ]] ; then |
59 |
- einfo "Running ${cmdcheckout}" |
60 |
- eval ${cmdcheckout} || die "cvs checkout command failed" |
61 |
+ einfo "Running ${cmdcheckout[*]}" |
62 |
+ "${cmdcheckout[@]}" || die "cvs checkout command failed" |
63 |
fi |
64 |
|
65 |
# Restore environment variable values |
66 |
-- |
67 |
2.11.1 |