fix: avoid operand evaluation as argument

Explicit end option parsing as the shell can be quite dangerous without it.
2025-09-20 20:44:35 -04:00 · 2024-08-06 17:04:16 +02:00 · 2024-08-06 17:04:16 +02:00 · 1b2f1ba941
commit 1b2f1ba941
parent e42950376a
52 changed files with 196 additions and 189 deletions
--- a/salt/sys-git/files/client/git-core/git-remote-qrexec
+++ b/salt/sys-git/files/client/git-core/git-remote-qrexec
@ -34,7 +34,7 @@ log(){
 validate_url(){
  url_valid=""
  url_check="${1?}"
-  scheme_user_url="$(echo "${url_check}" | sed "s|://.*||")"
+  scheme_user_url="$(echo "${url_check}" | sed -e "s|://.*||")"

  ## Scheme must be the same as the one in the name of this script.
  ## Checks if Authority and Path exist, but not if they are valid, this is
@ -48,7 +48,7 @@ validate_url(){
  esac

  urn_pattern="[0-9A-Za-z@:_.-]+/[0-9A-Za-z_.-]+(\?[0-9A-Za-z=&_-]*)?"
-  if ! (echo "${url_valid}" | grep -qE "^${scheme}://${urn_pattern}$")
+  if ! (echo "${url_valid}" | grep -qE -e "^${scheme}://${urn_pattern}$")
  then
    die "URL contains forbidden characters"
  fi
@ -86,11 +86,12 @@ find_capabilities(){
    if test -z "${cap_helpers}"; then
      cap_helpers="${f##*"${script}-"}"
    else
-      cap_helpers="${cap_helpers}\n${f##*"${script}-"}"
+      cap_helpers="${cap_helpers}
+${f##*"${script}-"}"
    fi
  done

-  echo "${cap_helpers}"
+  printf '%s\n' "${cap_helpers}"
 }

 ## Send capabilities to remote helper specific for that capability.
@ -98,7 +99,7 @@ send_cap(){
  cap="${1}"
  shift

-  if ! (echo "${capabilities}" | grep -q "^${cap}$"); then
+  if ! (echo "${capabilities}" | grep -q -e "^${cap}$"); then
    die "Unsupported capability: '${cap}'"
  fi

@ -169,7 +170,7 @@ while read -r cmd arg; do
  case "${cmd}" in
    capabilities)
      for c in ${capabilities}; do log "-> ${c}"; done; log "->"
-      printf %s"${capabilities}\n\n";;
+      printf '%s\n\n' "${capabilities}";;
    *) send_cap "${cmd}" "${arg}";;
  esac
 done
--- a/salt/sys-git/files/client/git-core/git-remote-qrexec-connect
+++ b/salt/sys-git/files/client/git-core/git-remote-qrexec-connect
@ -26,7 +26,7 @@ log(){

 ## Establish capability working.
 log "->"
-printf "\n"
+printf '\n'

 helper="${0##*/git-}"
 parent_helper="${helper%-*}"
@ -61,7 +61,8 @@ vendor="qusal"
 default_qube="sys-git"
 rpc_cmd="${vendor}.${rpc}+${path}"

-if echo "${query}" | grep -qE "(^|&)verify_signatures=(1|[tT]rue|yes|on)($|&)"
+if echo "${query}" | \
+  grep -qE -e "(^|&)verify_signatures=(1|[tT]rue|yes|on)($|&)"
 then
  die "Remote helper does not support signature verification yet"
 fi
--- a/salt/sys-git/files/server/rpc/qusal.GitInit
+++ b/salt/sys-git/files/server/rpc/qusal.GitInit
@ -23,7 +23,7 @@ if test -z "${untrusted_repo}"; then
  die "Repository name is empty"
 fi

-if ! (echo "${untrusted_repo}" | grep -q "^[A-Za-z0-9][A-Za-z0-9_.-]\+$")
+if ! (echo "${untrusted_repo}" | grep -q -e "^[A-Za-z0-9][A-Za-z0-9_.-]\+$")
 then
  msg="Forbidden characters in agent name."
  msg="${msg} Allowed chars: letters, numbers, hyphen, underscore and dot."
@ -64,7 +64,7 @@ fi

 if ! test -d "${base_path}"; then
  # shellcheck disable=SC2174
-  mkdir -m 0700 -p "${base_path}" >/dev/null 2>&1 ||
+  mkdir -m 0700 -p -- "${base_path}" >/dev/null 2>&1 ||
    die "Cannot create directory: ${base_path}"
 fi