scm/git: prevent exec bomb with 'env :userpaths'
Using `git` from `Formula#install` can cause an exec bomb if used in a formula with `env :userpaths` because that causes both `Library/ENV/4.3` and `Library/ENV/scm` to be in PATH, both of which contain a `git` binary that is the same SCM wrapper. Those will mutually exec each other indefinitely as they fail to detect that they are the same wrapper. Extend the exec-bomb protection to check the paths after all symbolic links have been expanded to prevent this situation. Fixes #43. Fixes Homebrew/homebrew-core#133. Fixed Homebrew/homebrew-core#143. Closes #46. Signed-off-by: Martin Afanasjew <martin@afanasjew.de>
This commit is contained in:
Martin Afanasjew
parent
d5085edce0
commit
d7aa0c0335
@ -13,13 +13,16 @@ exec "$HOMEBREW_RUBY_PATH" -x "$0" "$@"
|
|||||||
# This script because we support $GIT, $HOMEBREW_SVN, etc., Xcode-only and
|
# This script because we support $GIT, $HOMEBREW_SVN, etc., Xcode-only and
|
||||||
# no Xcode/CLT configurations. Order is careful to be what the user would want.
|
# no Xcode/CLT configurations. Order is careful to be what the user would want.
|
||||||
|
|
||||||
|
require "pathname"
|
||||||
|
|
||||||
|
SELF_REAL = Pathname.new(__FILE__).realpath
|
||||||
F = File.basename(__FILE__).freeze
|
F = File.basename(__FILE__).freeze
|
||||||
D = File.expand_path(File.dirname(__FILE__)).freeze
|
D = File.expand_path(File.dirname(__FILE__)).freeze
|
||||||
|
|
||||||
def exec(*args)
|
def exec(*args)
|
||||||
# prevent fork-bombs
|
# prevent fork-bombs
|
||||||
arg0 = args.first
|
arg0 = args.first
|
||||||
return if arg0 =~ /^#{F}/i || File.expand_path(arg0) == File.expand_path(__FILE__)
|
return if arg0 =~ /^#{F}/i || Pathname.new(arg0).realpath == SELF_REAL
|
||||||
super
|
super
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user