From d7a6709aeb63345d1fc6d86e058df7fd6e33dd4c Mon Sep 17 00:00:00 2001 From: Mark Allen Date: Wed, 4 May 2016 01:41:33 -0500 Subject: Be even more thorough checking paths - Never assume mkdir returns successfully - Check for bad install locations *before* creating directories - Do not permit the active erlang installation to be deleted - Do not allow someone to delete her home directory ever --- kerl | 76 ++++++++++++++++++++++++++++++++++++++------------------------------ 1 file changed, 42 insertions(+), 34 deletions(-) (limited to 'kerl') diff --git a/kerl b/kerl index e459bd5..4129423 100755 --- a/kerl +++ b/kerl @@ -72,7 +72,7 @@ KERL_INSTALL_MANPAGES= KERL_BUILD_PLT= KERL_BUILD_DOCS= -# ensure the base dir exsists +# ensure the base dir exists mkdir -p "$KERL_BASE_DIR" || exit 1 # source the config file if available @@ -276,8 +276,16 @@ get_newest_valid_release() is_valid_installation() { - if [ -f "$1"/activate ]; then - return 0 + if [ -f "$KERL_BASE_DIR"/otp_installations ]; then + while read -r l; do + name=$(echo "$l" | cut -d " " -f 1) + path=$(echo "$l" | cut -d " " -f 2) + if [ "$path" = "$1" ]; then + if [ -f "$1"/activate ]; then + return 0 + fi + fi + done < "$KERL_BASE_DIR"/otp_installations fi return 1 } @@ -309,7 +317,7 @@ do_git_build() assert_build_name_unused "$3" GIT=$(echo -n "$1" | $MD5SUM | cut -d ' ' -f $MD5SUM_FIELD) - mkdir -p "$KERL_GIT_DIR" + mkdir -p "$KERL_GIT_DIR" || exit 1 cd "$KERL_GIT_DIR" || exit 1 echo "Checking Erlang/OTP git repository from $1..." if [ ! -d "$GIT" ]; then @@ -327,7 +335,7 @@ do_git_build() fi rm -Rf "${KERL_BUILD_DIR:?}/$3" - mkdir -p "$KERL_BUILD_DIR/$3" + mkdir -p "$KERL_BUILD_DIR/$3" || exit 1 cd "$KERL_BUILD_DIR/$3" || exit 1 git clone -l "$KERL_GIT_DIR/$GIT" otp_src_git > /dev/null 2>&1 if [ $? -ne 0 ]; then @@ -377,12 +385,12 @@ do_normal_build() assert_build_name_unused "$2" FILENAME="" download $1 - mkdir -p "$KERL_BUILD_DIR/$2" + mkdir -p "$KERL_BUILD_DIR/$2" || exit 1 if [ ! -d "$KERL_BUILD_DIR/$2/$FILENAME" ]; then echo "Extracting source code" UNTARDIRNAME="$KERL_BUILD_DIR/$2/$FILENAME-kerluntar-$$" rm -rf "$UNTARDIRNAME" - mkdir -p "$UNTARDIRNAME" + mkdir -p "$UNTARDIRNAME" || exit 1 # github tarballs have a directory in the form of "otp-TAGNAME" # Ericsson tarballs have the classic otp_src_RELEASE pattern # Standardize on Ericsson format because that's what the rest of the script expects @@ -518,10 +526,10 @@ do_install() echo "No build named $1" exit 1 fi - mkdir -p "$2" if ! is_valid_install_path "$2"; then exit 1 fi + mkdir -p "$2" || exit 1 absdir=$(cd "$2" && pwd) echo "Installing Erlang/OTP $rel ($1) in $absdir..." ERL_TOP="$KERL_BUILD_DIR/$1/otp_src_$rel" @@ -596,7 +604,7 @@ ACTIVATE DOC_DIR="$KERL_BUILD_DIR/$1/release_$rel/lib/erlang" if [ -d "$DOC_DIR" ]; then echo "Installing docs..." - mkdir -p "$absdir/lib/erlang" + mkdir -p "$absdir/lib/erlang" || exit 1 cp $CP_OPT "$DOC_DIR/" "$absdir/lib/erlang" ln -s "$absdir/lib/erlang/man" "$absdir/man" ln -s "$absdir/lib/erlang/doc" "$absdir/html" @@ -648,7 +656,7 @@ download_htmldocs() build_plt() { dialyzerd=$1/dialyzer - mkdir -p $dialyzerd + mkdir -p $dialyzerd || exit 1 plt=$dialyzerd/plt build_log=$dialyzerd/build.log dialyzer=$1/bin/dialyzer @@ -737,11 +745,6 @@ do_deploy() is_valid_install_path() { - if [ ! -d "$1" ]; then - echo "ERROR: $1 is not a directory." - return 1 - fi - # don't allow installs into home directory if [ "$1" = "$HOME" ]; then echo "ERROR: You cannot install a build into $HOME. It's a really bad idea." @@ -756,17 +759,26 @@ is_valid_install_path() return 1 fi + # don't install into .kerl either. if [ "$1" = "$HOME/.kerl" ]; then echo "ERROR: You cannot install a build into $HOME/.kerl." return 1 fi - # do not allow installs into directories - # that are non-empty - count=$(ls -l "$1" | wc -l) - if [ $count -ne 3 ]; then - echo "ERROR: $1 does not appear to be an empty directory." - return 1 + # if the install directory exists, + # do not allow installs into a directory + # that is not empty + if [ -e "$1" ]; then + if [ -d "$1" ]; then + count=$(ls -la "$1" | wc -l) + if [ $count -ne 3 ]; then + echo "ERROR: $1 does not appear to be an empty directory." + return 1 + fi + else + echo "ERROR: $1 is not a directory." + return 1 + fi fi return 0 @@ -779,6 +791,12 @@ maybe_remove() return 0 fi + ACTIVE_PATH="$(get_active_path)" + if [ "$1" = "$ACTIVE_PATH" ]; then + echo "ERROR: You cannot delete the active installation. Deactivate it first." + exit 1 + fi + rm -Rf "$1" } @@ -877,7 +895,7 @@ do_active() download() { - mkdir -p "$KERL_DOWNLOAD_DIR" + mkdir -p "$KERL_DOWNLOAD_DIR" || exit 1 if [ "$KERL_BUILD_BACKEND" = "git" ]; then FILENAME="OTP-$1" github_download "$FILENAME.tar.gz" @@ -934,20 +952,10 @@ case "$1" in exit 1 fi if [ $# -eq 3 ]; then - if [ "$3" = "$HOME" ]; then - echo "Refusing to install in $HOME, this is a bad idea." - exit 1 - else - do_install "$2" "$3" - fi + do_install "$2" "$3" else if [ -z "$KERL_DEFAULT_INSTALL_DIR" ]; then - if [ "$PWD" = "$HOME" ]; then - echo "Refusing to install in $HOME, this is a bad idea." - exit 1 - else - do_install "$2" . - fi + do_install "$2" "$PWD" else do_install "$2" "$KERL_DEFAULT_INSTALL_DIR/$2" fi -- cgit v1.2.3