configure: fix out of tree build; check unsafe characters in srcdir

While check for GMime session key extraction support... was made
out of tree build compatible, related (and some unrelated) unsafe
characters are now checked in notmuch source directory path.

The known unsafe characters in NOTMUCH_SRCDIR are:

- Single quote (') -- NOTMUCH_SRCDIR='${NOTMUCH_SRCDIR}'
  is written to sh.config in configure line 1328.

- Double quote (") -- configure line 521 *now* writes "$srcdir"
  into generated c source file ($NOTMUCH_SRCDIR includes $srcdir).

- Backslash (\) could also be problematic in configure line 521.

- The added $ and ` are potentially unsafe -- inside double quotes
  in shell script those have special meaning.

  Other characters don't expand inside double quoted strings.
This commit is contained in:
Tomi Ollila 2019-08-26 20:03:46 +03:00 committed by David Bremner
parent 17806ecc95
commit e13862f127

9
configure vendored
View file

@ -26,6 +26,11 @@ readonly DEFAULT_IFS="$IFS"
srcdir=$(dirname "$0") srcdir=$(dirname "$0")
NOTMUCH_SRCDIR=$(cd "$srcdir" && pwd) NOTMUCH_SRCDIR=$(cd "$srcdir" && pwd)
case $NOTMUCH_SRCDIR in ( *\'* | *['\"`$']* )
echo "Definitely unsafe characters in source path '$NOTMUCH_SRCDIR'".
exit 1
esac
subdirs="util compat lib parse-time-string completion doc emacs" subdirs="util compat lib parse-time-string completion doc emacs"
subdirs="${subdirs} performance-test test test/test-databases" subdirs="${subdirs} performance-test test test/test-databases"
subdirs="${subdirs} bindings" subdirs="${subdirs} bindings"
@ -513,7 +518,7 @@ int main () {
g_mime_init (); g_mime_init ();
parser = g_mime_parser_new (); parser = g_mime_parser_new ();
g_mime_parser_init_with_stream (parser, g_mime_stream_file_open("test/corpora/crypto/basic-encrypted.eml", "r", &error)); g_mime_parser_init_with_stream (parser, g_mime_stream_file_open("$srcdir/test/corpora/crypto/basic-encrypted.eml", "r", &error));
if (error) return !! fprintf (stderr, "failed to instantiate parser with test/corpora/crypto/basic-encrypted.eml\n"); if (error) return !! fprintf (stderr, "failed to instantiate parser with test/corpora/crypto/basic-encrypted.eml\n");
body = GMIME_MULTIPART_ENCRYPTED(g_mime_message_get_mime_part (g_mime_parser_construct_message (parser, NULL))); body = GMIME_MULTIPART_ENCRYPTED(g_mime_message_get_mime_part (g_mime_parser_construct_message (parser, NULL)));
@ -533,7 +538,7 @@ EOF
printf 'No.\nCould not make tempdir for testing session-key support.\n' printf 'No.\nCould not make tempdir for testing session-key support.\n'
errors=$((errors + 1)) errors=$((errors + 1))
elif ${CC} ${CFLAGS} ${gmime_cflags} _check_session_keys.c ${gmime_ldflags} -o _check_session_keys \ elif ${CC} ${CFLAGS} ${gmime_cflags} _check_session_keys.c ${gmime_ldflags} -o _check_session_keys \
&& GNUPGHOME=${TEMP_GPG} gpg --batch --quiet --import < test/gnupg-secret-key.asc \ && GNUPGHOME=${TEMP_GPG} gpg --batch --quiet --import < "$srcdir"/test/gnupg-secret-key.asc \
&& SESSION_KEY=$(GNUPGHOME=${TEMP_GPG} ./_check_session_keys) \ && SESSION_KEY=$(GNUPGHOME=${TEMP_GPG} ./_check_session_keys) \
&& [ $SESSION_KEY = 9:0BACD64099D1468AB07C796F0C0AC4851948A658A15B34E803865E9FC635F2F5 ] && [ $SESSION_KEY = 9:0BACD64099D1468AB07C796F0C0AC4851948A658A15B34E803865E9FC635F2F5 ]
then then