Re: git: 4deb9760a9d8 - main - rc: Disable pathname expansion when calling run_rc_command()
Date: Wed, 18 Jun 2025 14:13:30 UTC
On Thu, Jun 12, 2025 at 06:20:26PM +0000, Hiroki Sato wrote:
> The branch main has been updated by hrs:
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=4deb9760a9d84d5861ee45162ffebe83f13503b8
>
> commit 4deb9760a9d84d5861ee45162ffebe83f13503b8
> Author: Hiroki Sato <hrs@FreeBSD.org>
> AuthorDate: 2025-06-12 18:19:32 +0000
> Commit: Hiroki Sato <hrs@FreeBSD.org>
> CommitDate: 2025-06-12 18:19:32 +0000
>
> rc: Disable pathname expansion when calling run_rc_command()
>
> Variables for command-line options like $foo_flags can contain characters
> that perform pathname expansions, such as '[', ']', and '*'. They were
> passed without escaping, and the matched entries in the working directory
> affected the command-line options. This change turns off the expansion
> when run_rc_command() is called.
>
> While this changes the current behavior, an invocation of a service
> program should not depend on entries in the working directory.
This also turns off globbing for /etc/rc.local, which broke one of my
scripts. Was that intentional? If so, we should really document it in
RELNOTES at the very least.
> Differential Revision: https://reviews.freebsd.org/D45855
> ---
> libexec/rc/rc.subr | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/libexec/rc/rc.subr b/libexec/rc/rc.subr
> index 2eaf336b5220..359eebd1d342 100644
> --- a/libexec/rc/rc.subr
> +++ b/libexec/rc/rc.subr
> @@ -1788,7 +1788,11 @@ _run_rc_doit()
> debug "run_rc_command: doit: $*"
> _m=$(umask)
> ${_umask:+umask ${_umask}}
> +
> + # Disable pathname expansion temporarily for run_rc_command.
> + set -o noglob
> eval "$@"
> + set +o noglob
> _return=$?
> umask ${_m}
>
>