diff options
author | Albert Safin <xzfcpw@gmail.com> | 2020-01-17 06:44:00 +0000 |
---|---|---|
committer | Albert Safin <xzfcpw@gmail.com> | 2020-02-19 14:28:49 +0000 |
commit | f2a03acf3f42140f40fa5141b2b6ea94a554df64 (patch) | |
tree | 052d7b56d18eb8c1cac285df24bbd919ca04d252 /src/nix-build/nix-build.cc | |
parent | 8b09105db3869284ee7892f82155dda79f98d6e6 (diff) |
nix-shell: clean up the tmpDir and escape variables
The problem fixed: each nix-shell invocation creates a new temporary
directory (`/tmp/nix-shell-*`) and never cleans up.
And while I'm here, shellescape all variables inlined into the rcfile.
See what might happen without escaping:
$ export TZ="';echo pwned'"
$ nix-shell -p hello --run hello
pwned
Hello, world!
Diffstat (limited to 'src/nix-build/nix-build.cc')
-rwxr-xr-x | src/nix-build/nix-build.cc | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/src/nix-build/nix-build.cc b/src/nix-build/nix-build.cc index 205165a4c..d9bec431e 100755 --- a/src/nix-build/nix-build.cc +++ b/src/nix-build/nix-build.cc @@ -423,13 +423,18 @@ static void _main(int argc, char * * argv) lose the current $PATH directories. */ auto rcfile = (Path) tmpDir + "/rc"; writeFile(rcfile, fmt( - (keepTmp ? "" : "rm -rf '%1%'; "s) + + R"(_nix_shell_clean_tmpdir() { rm -rf %1%; }; )"s + + (keepTmp ? + "trap _nix_shell_clean_tmpdir EXIT; " + "exitHooks+=(_nix_shell_clean_tmpdir); " + "failureHooks+=(_nix_shell_clean_tmpdir); ": + "_nix_shell_clean_tmpdir; ") + (pure ? "" : "[ -n \"$PS1\" ] && [ -e ~/.bashrc ] && source ~/.bashrc;") + "%2%" "dontAddDisableDepTrack=1; " "[ -e $stdenv/setup ] && source $stdenv/setup; " "%3%" - "PATH=\"%4%:$PATH\"; " + "PATH=%4%:\"$PATH\"; " "SHELL=%5%; " "set +e; " R"s([ -n "$PS1" ] && PS1='\n\[\033[1;32m\][nix-shell:\w]\$\[\033[0m\] '; )s" @@ -438,12 +443,12 @@ static void _main(int argc, char * * argv) "shopt -u nullglob; " "unset TZ; %6%" "%7%", - (Path) tmpDir, + shellEscape(tmpDir), (pure ? "" : "p=$PATH; "), (pure ? "" : "PATH=$PATH:$p; unset p; "), - dirOf(*shell), - *shell, - (getenv("TZ") ? (string("export TZ='") + getenv("TZ") + "'; ") : ""), + shellEscape(dirOf(*shell)), + shellEscape(*shell), + (getenv("TZ") ? (string("export TZ=") + shellEscape(getenv("TZ")) + "; ") : ""), envCommand)); Strings envStrs; |