Received: by 10.223.185.116 with SMTP id b49csp825433wrg; Tue, 20 Feb 2018 08:28:13 -0800 (PST) X-Google-Smtp-Source: AH8x224KiBbqT8F5qXDTiTXt1Ix9VW+yg0XFCwvebLbf8007LDw2h21M+1RAdTI/HdbzzKv3Hd8I X-Received: by 10.99.170.73 with SMTP id x9mr117120pgo.393.1519144093838; Tue, 20 Feb 2018 08:28:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519144093; cv=none; d=google.com; s=arc-20160816; b=jKX1j39fcEO0eR6ajmMUsnysb9oSncQkJpz0N3ybYzA3qIpb3LFDIXV0sLFAgDzkcE KfJ3DLbHw3xRwobwvVD+h5j/9t6rhqSsYceuek6mfZWYWGlvD89BFVgWfd3NQ9aZkT8P QawP3pCfSmglgJNYl6nZI5WhblqFKtp4/+nc9FckVa3d6cGVuJis/3fJN1KBEZeb0/Vl 3zkvmDaSQ0yOdemXiwNrBZNEcoifKFGJwLzJALzMWjlUvMOZVDust1sBr623xaXIO0O6 e8OiGK+rEFWj3fZ0bx+6mMQlAx2m2Fh7MY2Z+IjTOdqBC5seRNIsxcgJMcqQd/A7mrQ+ kLkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=d5H+wDCMbC4VQe2cY8bzilCgKnhBy95cBPO+HyFN51Y=; b=0lOOdnAbAGT8eoP87ojNwkZbLKrWQLZIdyGa+lHKGSNsyUKTP/gkFqpXgl8slmFIKq cXe1rZlun0UG2i9ftrCrajqD3gYz+ZiAshmPEeHEAlQe16befznhFx3eEBGsDjN+ervQ 6iKu7CdN1aROY/8yGu5UJsfxELCo0vkKF9HaNmTgywijUwA9LrVcUADOTgkQhr9T4G0b urHLnvuoSj61aWe5B0Dguocm6PypQ8NcbBWTjsLlPgid/mYkDHoTQxNCTFQDpzU76I6B +2htl4Kwr6/ITXfG8Oc4xHIzjsJVo8HCKcgKSPWhHEYMR0Jn7EuX88uRMfVykz/+nJeN jOyg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Js5/gWa9; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id bi10-v6si5844302plb.87.2018.02.20.08.27.59; Tue, 20 Feb 2018 08:28:13 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Js5/gWa9; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753042AbeBTQ0e (ORCPT + 99 others); Tue, 20 Feb 2018 11:26:34 -0500 Received: from mail-qt0-f195.google.com ([209.85.216.195]:37773 "EHLO mail-qt0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753027AbeBTQ0b (ORCPT ); Tue, 20 Feb 2018 11:26:31 -0500 Received: by mail-qt0-f195.google.com with SMTP id d26so17085153qtj.4 for ; Tue, 20 Feb 2018 08:26:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:cc:subject:in-reply-to:message-id:references :user-agent:mime-version; bh=d5H+wDCMbC4VQe2cY8bzilCgKnhBy95cBPO+HyFN51Y=; b=Js5/gWa9Ay5fDDwEHyBamBYtplbvmi6rQRcpICGVxTktYj2pEa/+LSpkwLPzdWOSJu kDUm5GjOVsZaE6GiicMpF6LvJbaYAnBMYVVakJ4OHk469GAsG2DLBjwDSJzdImRi9uUG vAD5PVDz3vDCuP+KSNF0OBZbzYXLzCJwEbxv4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:in-reply-to:message-id :references:user-agent:mime-version; bh=d5H+wDCMbC4VQe2cY8bzilCgKnhBy95cBPO+HyFN51Y=; b=gdHcUCCshNE0ikqi/1MGbqjge0pldu2lpmiRhL81Co5kjoeBWb447Zh9UKPwQV5ysf vFIPTIRQDeT9WJKN1sLcJMlwBkHOy6VrVBlAYE6zI+V9Sc0jZQvIP/1SkA98ya/mKFaF J/S4AwJMNmVe7trn6kAOsZ88AyaBU5iicCB8SrA+LzG26Ob08SHFrE80Sy7qH5F2qM8U EP5j2DmXBz1LxZXzwOHk9ih/KDM40f+00pN+MkAp5g7XmYdr5bRgnAJd5xzblDKM+JOU rT5ITmlst32Qtyre+pxMSOpKeZ7ss4sjQSHA+XzI1WX6puD60/lgc2VQEgl1k6ONjWGi 4aQA== X-Gm-Message-State: APf1xPB0JMZz2qT3W3QEQ989czeBusnfLiZ3HtIlk8p3EiVB1Nx2vqKJ D9NtDO0ZbrxGNgofP3qzFvW2iA== X-Received: by 10.237.42.34 with SMTP id c31mr251956qtd.199.1519143990595; Tue, 20 Feb 2018 08:26:30 -0800 (PST) Received: from xanadu.home (modemcable228.104-82-70.mc.videotron.ca. [70.82.104.228]) by smtp.gmail.com with ESMTPSA id t58sm2257737qtc.19.2018.02.20.08.26.29 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 20 Feb 2018 08:26:30 -0800 (PST) Date: Tue, 20 Feb 2018 11:26:28 -0500 (EST) From: Nicolas Pitre To: Richard Weinberger cc: Masahiro Yamada , Linux Kernel Mailing List , Greg Kroah-Hartman , Kate Stewart , Nicholas Piggin , Kees Cook , Andrew Morton , david@sigma-star.at, kbuild-all@01.org, Sam Ravnborg , Arnaud Lacombe , Nick Bowler , Michal Marek , Rusty Russell Subject: Re: [PATCH v2] kbuild: Don't source kernel config In-Reply-To: <1919455.eZKeABUfgV@blindfold> Message-ID: References: <20180219092245.26404-1-richard@nod.at> <14335276.CH3Xr2i6I8@blindfold> <1919455.eZKeABUfgV@blindfold> User-Agent: Alpine 2.21 (LFD 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 20 Feb 2018, Richard Weinberger wrote: > An alternate approach would be this: > diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c > index 5c12dc91ef34..ff0a7c62344b 100644 > --- a/scripts/kconfig/confdata.c > +++ b/scripts/kconfig/confdata.c > @@ -161,6 +161,13 @@ static int conf_set_sym_val(struct symbol *sym, int def, > int def_flags, char *p) > case S_STRING: > if (*p++ != '"') > break; > + > + p2 = strpbrk(p, "`$"); > + if (p2 && !(p2[0] == '$' && p2[1] != '(')) { > + conf_warning("string contains forbidden characters"); > + return 1; > + } > + > for (p2 = p; (p2 = strpbrk(p2, "\"\\")); p2++) { > if (*p2 == '"') { > *p2 = 0; > > That way the conf tool will sanitize the .config before shell scripts will > source it. Looks like a much saner approach to me indeed. Nicolas