summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog14
-rwxr-xr-xMODULES.html.sh1
-rwxr-xr-xbuild-aux/bootstrap6
-rwxr-xr-xbuild-aux/declared.sh2
-rwxr-xr-xbuild-aux/do-release-commit-and-tag4
-rwxr-xr-xbuild-aux/gendocs.sh26
-rwxr-xr-xgnulib-tool4
-rwxr-xr-xtests/test-parse-duration.sh2
-rwxr-xr-xtests/test-update-copyright.sh2
9 files changed, 35 insertions, 26 deletions
diff --git a/ChangeLog b/ChangeLog
index 85210fad37..2736390d01 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,19 @@
2022-07-23 Bruno Haible <bruno@clisp.org>
+ Fix a couple of ShellCheck warnings.
+ * MODULES.html.sh (sed_escape_slash): Remove unused variable.
+ * build-aux/bootstrap: Avoid computed printf format strings.
+ * build-aux/do-release-commit-and-tag: Likewise.
+ * build-aux/gendocs.sh: Likewise.
+ * build-aux/declared.sh: Fix "unrecognized option" message.
+ * gnulib-tool (supplied_opts): Remove unused variable.
+ (--single-con): Remove redundant option recognition.
+ * tests/test-parse-duration.sh (nl): Remove unused variable.
+ * tests/test-update-copyright.sh: Use double-quotes instead of
+ single-quotes.
+
+2022-07-23 Bruno Haible <bruno@clisp.org>
+
Avoid DoS vulnerability through unsafe default assignment.
See https://www.shellcheck.net/wiki/SC2223 .
* MODULES.html.sh (func_tmpdir): Surround default assignment with
diff --git a/MODULES.html.sh b/MODULES.html.sh
index 246d8ebf52..03b72a4a9f 100755
--- a/MODULES.html.sh
+++ b/MODULES.html.sh
@@ -41,7 +41,6 @@ repo_url_suffix_repl=`echo "$repo_url_suffix" | sed -e 's,[&],\\\&,'`
sed_lt='s,<,\&lt;,g'
sed_gt='s,>,\&gt;,g'
sed_escape_dot='s,\.,\\.,g'
-sed_escape_slash='s,/,\\/,g'
trnl='\012'
sed_alt1='s,$,\\|,'
sed_alt2='s,^\\|,\\(,'
diff --git a/build-aux/bootstrap b/build-aux/bootstrap
index 76bda0836c..86a0ac6d6f 100755
--- a/build-aux/bootstrap
+++ b/build-aux/bootstrap
@@ -1,6 +1,6 @@
#! /bin/sh
# Print a version string.
-scriptversion=2022-07-18.17; # UTC
+scriptversion=2022-07-23.11; # UTC
# Bootstrap this package from checked-out sources.
@@ -533,7 +533,7 @@ sort_ver() { # sort -V is not generally available
elif [ "$p2" -gt "$p1" ] 2>/dev/null; then # numeric comparison
echo "$1 $2"
else # numeric, then lexicographic comparison
- lp=$(printf "$p1\n$p2\n" | LANG=C sort -n | tail -n1)
+ lp=$(printf "%s\n%s\n" "$p1" "$p2" | LANG=C sort -n | tail -n1)
if [ "$lp" = "$p2" ]; then
echo "$1 $2"
else
@@ -697,7 +697,7 @@ $buildreq" ;;
esac
fi
-if ! printf "$buildreq" | check_versions; then
+if ! printf '%s' "$buildreq" | check_versions; then
echo >&2
if test -f README-prereq; then
die "See README-prereq for how to get the prerequisite programs"
diff --git a/build-aux/declared.sh b/build-aux/declared.sh
index 5a6a6793a7..b721f7e992 100755
--- a/build-aux/declared.sh
+++ b/build-aux/declared.sh
@@ -75,7 +75,7 @@ while test $# -gt 0; do
-- ) # Stop option processing
shift; break ;;
-* )
- func_fatal_error "unrecognized option: $option"
+ func_fatal_error "unrecognized option: $1"
;;
* )
break ;;
diff --git a/build-aux/do-release-commit-and-tag b/build-aux/do-release-commit-and-tag
index 493821a3f5..c8f7a53e05 100755
--- a/build-aux/do-release-commit-and-tag
+++ b/build-aux/do-release-commit-and-tag
@@ -125,7 +125,7 @@ prev_ver=$(cat .prev-version) \
|| die 'failed to determine previous version number from .prev-version'
# Verify that $ver is sensible (> .prev-version).
-case $(printf "$prev_ver\n$ver\n"|sort -V -u|tr '\n' ':') in
+case $(printf "%s\n%s\n" "$prev_ver" "$ver"|sort -V -u|tr '\n' ':') in
"$prev_ver:$ver:") ;;
*) die "invalid version: $ver (<= $prev_ver)";;
esac
@@ -165,7 +165,7 @@ perl -MPOSIX -ni -e 'my $today = strftime "%F", localtime time;' \
-e 'print $.==3 ? "$pfx $ver ($today) [$type]\n" : $_' \
NEWS || die 'failed to update NEWS'
-printf "version $ver\n\n* NEWS: Record release date.\n" \
+printf "version %s\n\n* NEWS: Record release date.\n" "$ver" \
| git commit -F - -a || die 'git commit failed'
git tag -s -m "$pkg $ver" v$ver HEAD || die 'git tag failed'
diff --git a/build-aux/gendocs.sh b/build-aux/gendocs.sh
index 5068582925..2411a850ca 100755
--- a/build-aux/gendocs.sh
+++ b/build-aux/gendocs.sh
@@ -40,7 +40,7 @@ srcdir=`pwd`
scripturl="https://git.savannah.gnu.org/cgit/gnulib.git/plain/build-aux/gendocs.sh"
templateurl="https://git.savannah.gnu.org/cgit/gnulib.git/plain/doc/gendocs_template"
-: ${SETLANG="env LANG= LC_MESSAGES= LC_ALL= LANGUAGE="}
+: "${SETLANG="env LANG= LC_MESSAGES= LC_ALL= LANGUAGE="}"
: "${MAKEINFO="makeinfo"}"
: "${TEXI2DVI="texi2dvi"}"
: "${DOCBOOK2HTML="docbook2html"}"
@@ -304,7 +304,7 @@ fi # end info
#
if $generate_tex; then
cmd="$SETLANG $TEXI2DVI $dirargs $texarg \"$srcfile\""
- printf "\nGenerating dvi... ($cmd)\n"
+ printf "\nGenerating dvi... (%s)\n" "$cmd"
eval "$cmd"
# compress/finish dvi:
gzip -f -9 $PACKAGE.dvi
@@ -313,7 +313,7 @@ if $generate_tex; then
ls -l "$outdir/$PACKAGE.dvi.gz"
cmd="$SETLANG $TEXI2DVI --pdf $dirargs $texarg \"$srcfile\""
- printf "\nGenerating pdf... ($cmd)\n"
+ printf "\nGenerating pdf... (%s)\n" "$cmd"
eval "$cmd"
pdf_size=`calcsize $PACKAGE.pdf`
mv $PACKAGE.pdf "$outdir/"
@@ -324,7 +324,7 @@ fi # end tex (dvi + pdf)
if $generate_ascii; then
opt="-o $PACKAGE.txt --no-split --no-headers $commonarg"
cmd="$SETLANG $MAKEINFO $opt \"$srcfile\""
- printf "\nGenerating ascii... ($cmd)\n"
+ printf "\nGenerating ascii... (%s)\n" "$cmd"
eval "$cmd"
ascii_size=`calcsize $PACKAGE.txt`
gzip -f -9 -c $PACKAGE.txt >"$outdir/$PACKAGE.txt.gz"
@@ -341,7 +341,7 @@ html_split()
{
opt="--split=$1 --node-files $commonarg $htmlarg"
cmd="$SETLANG $TEXI2HTML --output $PACKAGE.html $opt \"$srcfile\""
- printf "\nGenerating html by $1... ($cmd)\n"
+ printf "\nGenerating html by %s... (%s)\n" "$1" "$cmd"
eval "$cmd"
split_html_dir=$PACKAGE.html
(
@@ -359,7 +359,7 @@ html_split()
if test -z "$use_texi2html"; then
opt="--no-split --html -o $PACKAGE.html $commonarg $htmlarg"
cmd="$SETLANG $MAKEINFO $opt \"$srcfile\""
- printf "\nGenerating monolithic html... ($cmd)\n"
+ printf "\nGenerating monolithic html... (%s)\n" "$cmd"
rm -rf $PACKAGE.html # in case a directory is left over
eval "$cmd"
html_mono_size=`calcsize $PACKAGE.html`
@@ -380,7 +380,7 @@ if test -z "$use_texi2html"; then
#
opt="--html -o $PACKAGE.html $split_arg $commonarg $htmlarg"
cmd="$SETLANG $MAKEINFO $opt \"$srcfile\""
- printf "\nGenerating html by $split... ($cmd)\n"
+ printf "\nGenerating html by %s... (%s)\n" "$split" "$cmd"
eval "$cmd"
split_html_dir=$PACKAGE.html
copy_images $split_html_dir/ $split_html_dir/*.html
@@ -398,7 +398,7 @@ if test -z "$use_texi2html"; then
else # use texi2html:
opt="--output $PACKAGE.html $commonarg $htmlarg"
cmd="$SETLANG $TEXI2HTML $opt \"$srcfile\""
- printf "\nGenerating monolithic html with texi2html... ($cmd)\n"
+ printf "\nGenerating monolithic html with texi2html... (%s)\n" "$cmd"
rm -rf $PACKAGE.html # in case a directory is left over
eval "$cmd"
html_mono_size=`calcsize $PACKAGE.html`
@@ -428,7 +428,7 @@ texi_tgz_size=`calcsize "$outdir/$PACKAGE.texi.tar.gz"`
if test -n "$docbook"; then
opt="-o - --docbook $commonarg"
cmd="$SETLANG $MAKEINFO $opt \"$srcfile\" >${srcdir}/$PACKAGE-db.xml"
- printf "\nGenerating docbook XML... ($cmd)\n"
+ printf "\nGenerating docbook XML... (%s)\n" "$cmd"
eval "$cmd"
docbook_xml_size=`calcsize $PACKAGE-db.xml`
gzip -f -9 -c $PACKAGE-db.xml >"$outdir/$PACKAGE-db.xml.gz"
@@ -438,7 +438,7 @@ if test -n "$docbook"; then
split_html_db_dir=html_node_db
opt="$commonarg -o $split_html_db_dir"
cmd="$DOCBOOK2HTML $opt \"${outdir}/$PACKAGE-db.xml\""
- printf "\nGenerating docbook HTML... ($cmd)\n"
+ printf "\nGenerating docbook HTML... (%s)\n" "$cmd"
eval "$cmd"
(
cd ${split_html_db_dir} || exit 1
@@ -451,20 +451,20 @@ if test -n "$docbook"; then
rmdir ${split_html_db_dir}
cmd="$DOCBOOK2TXT \"${outdir}/$PACKAGE-db.xml\""
- printf "\nGenerating docbook ASCII... ($cmd)\n"
+ printf "\nGenerating docbook ASCII... (%s)\n" "$cmd"
eval "$cmd"
docbook_ascii_size=`calcsize $PACKAGE-db.txt`
mv $PACKAGE-db.txt "$outdir/"
cmd="$DOCBOOK2PDF \"${outdir}/$PACKAGE-db.xml\""
- printf "\nGenerating docbook PDF... ($cmd)\n"
+ printf "\nGenerating docbook PDF... (%s)\n" "$cmd"
eval "$cmd"
docbook_pdf_size=`calcsize $PACKAGE-db.pdf`
mv $PACKAGE-db.pdf "$outdir/"
fi
#
-printf "\nMaking index.html for $PACKAGE...\n"
+printf "\nMaking index.html for %s...\n" "$PACKAGE"
if test -z "$use_texi2html"; then
CONDS="/%%IF *HTML_SECTION%%/,/%%ENDIF *HTML_SECTION%%/d;\
/%%IF *HTML_CHAPTER%%/,/%%ENDIF *HTML_CHAPTER%%/d"
diff --git a/gnulib-tool b/gnulib-tool
index 2a971de9ea..c5c36b3800 100755
--- a/gnulib-tool
+++ b/gnulib-tool
@@ -1176,8 +1176,6 @@ func_determine_path_separator
copymode=
lcopymode=
- supplied_opts="$@"
-
while test $# -gt 0; do
case "$1" in
--list | --lis )
@@ -1357,7 +1355,7 @@ func_determine_path_separator
--without-unportable-tests | --without-unportable-test | --without-unportable-tes | --without-unportable-te | --without-unportable-t | --without-unportable- | --without-unportable | --without-unportabl | --without-unportab | --without-unporta | --without-unport | --without-unpor | --without-unpo | --without-unp | --without-un | --without-u)
excl_unportable_tests=true
shift ;;
- --single-configure | --single-configur | --single-configu | --single-config | --single-confi | --single-conf | --single-con | --single-con | --single-co | --single-c | --single- | --single | --singl | --sing | --sin | --si)
+ --single-configure | --single-configur | --single-configu | --single-config | --single-confi | --single-conf | --single-con | --single-co | --single-c | --single- | --single | --singl | --sing | --sin | --si)
single_configure=true
shift ;;
--avoid )
diff --git a/tests/test-parse-duration.sh b/tests/test-parse-duration.sh
index 7f27f72a60..e8be5ecb7e 100755
--- a/tests/test-parse-duration.sh
+++ b/tests/test-parse-duration.sh
@@ -5,8 +5,6 @@ test -z "$VERBOSE" || set -x
prog=test-parse-duration
exe=`pwd`/${prog}${EXEEXT}
-nl='
-'
# func_tmpdir
# creates a temporary directory.
diff --git a/tests/test-update-copyright.sh b/tests/test-update-copyright.sh
index a88a3d0b78..29cf6e99a0 100755
--- a/tests/test-update-copyright.sh
+++ b/tests/test-update-copyright.sh
@@ -68,7 +68,7 @@ echo a > $TMP-in
# Skip this test if Perl is too old. FIXME: 5.8.0 is just a guess.
# We have a report that 5.6.1 is inadequate and that 5.8.0 works.
perl -e 'require 5.8.0' || {
- echo '$0: skipping this test; Perl version is too old' 1>&2
+ echo "$0: skipping this test; Perl version is too old" 1>&2
exit 77
}
View Lorry Controller Status