scripts: Don't add an empty entry to LD_LIBRARY_PATH

LD_LIBRARY_PATH="/path/to/lib:" is interpreted as equivalent to
LD_LIBRARY_PATH="/path/to/lib:.", loading libraries from the current
working directory, which could lead to malicious libraries being loaded
if the current working directory is untrusted. To avoid this, only add
the current LD_LIBRARY_PATH to the new LD_LIBRARY_PATH if it is
actually set.

This commit also single-quotes the interpolated @VARIABLES@ so that
their values can contain shell special characters (other than single
quotes).

Signed-off-by: Simon McVittie <smcv@debian.org>
This commit is contained in:
Simon McVittie 2020-06-03 10:51:58 +01:00 committed by Wim Taymans
parent 0efadbb297
commit 96eb6e4df8
3 changed files with 4 additions and 4 deletions

@ -53,7 +53,7 @@ done
shift $(( $OPTIND - 1 ))
LD_LIBRARY_PATH=@LIBJACK_PATH@:$LD_LIBRARY_PATH
LD_LIBRARY_PATH='@LIBJACK_PATH@'"${LD_LIBRARY_PATH+":$LD_LIBRARY_PATH"}"
export LD_LIBRARY_PATH
exec "$@"
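
Review bot: The new assignment tests `${LD_LIBRARY_PATH+...}`, which only checks whether the variable is set, so an LD_LIBRARY_PATH that is set but empty (for example exported as "" by a parent process) still expands to the library path followed by a bare `:`. That is the trailing empty entry the commit message describes as equivalent to the current working directory. Using the colon form, `${LD_LIBRARY_PATH:+":$LD_LIBRARY_PATH"}`, appends the old value only when it is both set and non-empty. The same applies to the other two changed files if they use the same expansion. It would also help to add a short comment above the line explaining why the expansion is conditional, so a later cleanup does not simplify it back to `:$LD_LIBRARY_PATH`.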