From c060e2e5154f1a49ebcfa6f2d7b7a4e05f35ab14 Mon Sep 17 00:00:00 2001 From: Brian Anderson Date: Wed, 26 Mar 2014 18:51:55 -0700 Subject: [PATCH] install: Don't allow installation over the install files --- mk/dist.mk | 5 ++--- src/etc/install.sh | 16 ++++++++++++++-- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/mk/dist.mk b/mk/dist.mk index a2048f7fb8f..92990767d08 100644 --- a/mk/dist.mk +++ b/mk/dist.mk @@ -199,10 +199,9 @@ dist-install-dir-$(1): PREPARE_LIB_CMD=$(DEFAULT_PREPARE_LIB_CMD) dist-install-dir-$(1): PREPARE_MAN_CMD=$(DEFAULT_PREPARE_MAN_CMD) dist-install-dir-$(1): PREPARE_CLEAN=true dist-install-dir-$(1): prepare-base-dir-$(1) -# Write the install manifest, making sure the manifest contains itself - $$(Q)touch $$(PREPARE_DEST_DIR)/$$(CFG_LIBDIR_RELATIVE)/rustlib/manifest-$(1).in $$(Q)(cd $$(PREPARE_DEST_DIR)/ && find -type f | sed 's/^\.\///') \ - > $$(PREPARE_DEST_DIR)/$$(CFG_LIBDIR_RELATIVE)/rustlib/manifest-$(1).in + > tmp/dist/manifest-$(1).in + $$(Q)mv tmp/dist/manifest-$(1).in $$(PREPARE_DEST_DIR)/$$(CFG_LIBDIR_RELATIVE)/rustlib/manifest.in # Add remaining non-installed files $$(Q)$$(PREPARE_MAN_CMD) $$(S)COPYRIGHT $$(PREPARE_DEST_DIR) $$(Q)$$(PREPARE_MAN_CMD) $$(S)LICENSE-APACHE $$(PREPARE_DEST_DIR) diff --git a/src/etc/install.sh b/src/etc/install.sh index 8bcb04eec90..3a1ba91d01f 100644 --- a/src/etc/install.sh +++ b/src/etc/install.sh @@ -227,17 +227,29 @@ fi step_msg "validating $CFG_SELF args" validate_opt + +# OK, let's get installing ... + # Sanity check: can we can write to the destination? umask 022 && mkdir -p "${CFG_LIBDIR}" -need_ok "can't write to destination. consider `sudo`." +need_ok "can't write to destination. consider 'sudo'." touch "${CFG_LIBDIR}/rust-install-probe" 2> /dev/null if [ $? -ne 0 ] then - err "can't write to destination. consider `sudo`." + err "can't write to destination. consider 'sudo'." fi rm "${CFG_LIBDIR}/rust-install-probe" need_ok "failed to remove install probe" +# Sanity check: don't install to the directory containing the installer. +# That would surely cause chaos. +INSTALLER_DIR="$(cd $(dirname $0) && pwd)" +PREFIX_DIR="$(cd ${CFG_PREFIX} && pwd)" +if [ "${INSTALLER_DIR}" = "${PREFIX_DIR}" ] +then + err "can't install to same directory as installer" +fi + # The file name of the manifest we're going to create during install INSTALLED_MANIFEST="${CFG_LIBDIR}/rustlib/manifest"