diff options
author | Andrew Robbins <contact@andrewrobbins.info> | 2017-07-19 20:54:23 -0400 |
---|---|---|
committer | Andrew Robbins <contact@andrewrobbins.info> | 2017-07-19 20:54:23 -0400 |
commit | 52edf8e99d0adf249d65f150e40cd7cdc49dd5a0 (patch) | |
tree | f8f5c7f5c7c0a78311418e0965034769b6911710 | |
parent | 0f064d92c72733155be1283b24e91ac81962edc1 (diff) | |
download | librebootfr-52edf8e99d0adf249d65f150e40cd7cdc49dd5a0.tar.gz librebootfr-52edf8e99d0adf249d65f150e40cd7cdc49dd5a0.zip |
Avoid exploiting local variables' dynamic scoping
Local variables 'epoch_path' and 'rnd_seed_path' are moved from
libreboot_setup_variables() to
libreboot_setup_reproducible_builds_variables() in order to keep
things more-or-less lexical in the source code (local variables in
Bash are dynamic in scope).
-rwxr-xr-x | libreboot | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -154,8 +154,6 @@ libreboot_setup_include() { libreboot_setup_variables() { local vboot_tools_path="$(project_install_path 'vboot' 'tools')" local version_path="${root}/${DOTVERSION}" - local epoch_path="${root}/${DOTEPOCH}" - local rnd_seed_path="${root}/${DOTRNDSEED}" if [[ -z "${VERSION}" ]]; then if git_check "${root}"; then @@ -175,6 +173,9 @@ libreboot_setup_variables() { } libreboot_setup_reproducible_builds_variables() { + local epoch_path="${root}/${DOTEPOCH}" + local rnd_seed_path="${root}/${DOTRNDSEED}" + # Used by GCC, e.g., -frandom-seed="${RANDOM_SEED}" if [[ -z "${RANDOM_SEED}" ]]; then if [[ -f "${rnd_seed_path}" ]]; then |