From d1aaeb46ed5fc7609199c491627abdc16970d0b2 Mon Sep 17 00:00:00 2001
From: Pascal Terjan <pterjan@mandriva.org>
Date: Tue, 10 Mar 2009 17:19:35 +0000
Subject: protect various chars in setExportedVarsInSh and setExportedVarsInCsh

---
 NEWS                     |  4 ++++
 lib/MDK/Common.pm.pl     |  2 +-
 lib/MDK/Common/System.pm | 26 ++++++++++++++------------
 3 files changed, 19 insertions(+), 13 deletions(-)

diff --git a/NEWS b/NEWS
index a41ef58..b6bdc22 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,7 @@
+Version 1.2.17 - 10 March 2009, by Pascal Terjan
+
+- protect various chars in setExportedVarsInSh and setExportedVarsInCsh
+
 Version 1.2.16 - 2 February 2009, by Pascal Terjan
 
 - protect ;<>&#[]~{}*? in setVarsInSh
diff --git a/lib/MDK/Common.pm.pl b/lib/MDK/Common.pm.pl
index 3ca2d6f..5f53635 100644
--- a/lib/MDK/Common.pm.pl
+++ b/lib/MDK/Common.pm.pl
@@ -73,7 +73,7 @@ our @ISA = qw(Exporter);
 # perl_checker: RE-EXPORT-ALL
 our @EXPORT = map { @$_ } map { values %{'MDK::Common::' . $_ . 'EXPORT_TAGS'} } grep { /::$/ } keys %MDK::Common::;
 
-our $VERSION = "1.2.16";
+our $VERSION = "1.2.17";
 
 1;
 EOF
diff --git a/lib/MDK/Common/System.pm b/lib/MDK/Common/System.pm
index e3d514d..419a8d4 100644
--- a/lib/MDK/Common/System.pm
+++ b/lib/MDK/Common/System.pm
@@ -368,20 +368,22 @@ sub setVarsInSh {
     setVarsInShMode($file, 0777 ^ umask(), $l, @fields);
 }
 
+sub quoteForSh {
+    my ($val) = @_;
+    if ($val =~ /["`\$]/) {
+	$val =~ s/(')/\\$1/g;
+	$val = qq('$val');
+    } elsif ($val =~ /[\(\)'|\s\\;<>&#\[\]~{}*?]/) {
+	$val = qq("$val");
+    }
+    $val;
+}
+
 sub setVarsInShMode {
     my ($file, $mod, $l, @fields) = @_;
     @fields = keys %$l unless @fields;
     my $string = join('',
-	map { 
-	    my $val = $l->{$_};
-	    if ($val =~ /["`\$]/) {
-		$val =~ s/(')/\\$1/g;
-		$val = qq('$val');
-	    } elsif ($val =~ /[\(\)'|\s\\;<>&#\[\]~{}*?]/) {
-		$val = qq("$val");
-	    }
-	    "$_=$val\n";
-	} grep { $l->{$_} } @fields
+	map { "$_=".quoteForSh($l->{$_})."\n" } grep { $l->{$_} } @fields
     );
     if ($file =~ m!^/home/!) {
         MDK::Common::File::secured_output($file, $string);
@@ -397,7 +399,7 @@ sub setExportedVarsInSh {
     @fields = keys %$l unless @fields;
 
     MDK::Common::File::output($file, 
-	(map { $l->{$_} ? "$_=$l->{$_}\n" : () } @fields), 
+	(map { $l->{$_} ? "$_=".quoteForSh($l->{$_})."\n" : () } @fields), 
 	@fields ? "export " . join(" ", @fields) . "\n" : (),
     );
 }
@@ -406,7 +408,7 @@ sub setExportedVarsInCsh {
     my ($file, $l, @fields) = @_;
     @fields = keys %$l unless @fields;
 
-    MDK::Common::File::output($file, map { $l->{$_} ? "setenv $_ $l->{$_}\n" : () } @fields);
+    MDK::Common::File::output($file, map { $l->{$_} ? "setenv $_ ".quoteForSh($l->{$_})."\n" : () } @fields);
 }
 
 sub template2file {
-- 
cgit v1.2.1