aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Robbins <contact@andrewrobbins.info>2017-07-19 20:54:23 -0400
committerAndrew Robbins <contact@andrewrobbins.info>2017-07-19 20:54:23 -0400
commit52edf8e99d0adf249d65f150e40cd7cdc49dd5a0 (patch)
treef8f5c7f5c7c0a78311418e0965034769b6911710
parent0f064d92c72733155be1283b24e91ac81962edc1 (diff)
downloadlibrebootfr-52edf8e99d0adf249d65f150e40cd7cdc49dd5a0.tar.gz
librebootfr-52edf8e99d0adf249d65f150e40cd7cdc49dd5a0.zip
Avoid exploiting local variables' dynamic scoping
Local variables 'epoch_path' and 'rnd_seed_path' are moved from libreboot_setup_variables() to libreboot_setup_reproducible_builds_variables() in order to keep things more-or-less lexical in the source code (local variables in Bash are dynamic in scope).
-rwxr-xr-xlibreboot5
1 files changed, 3 insertions, 2 deletions
diff --git a/libreboot b/libreboot
index bb6e4141..4c00b65e 100755
--- a/libreboot
+++ b/libreboot
@@ -154,8 +154,6 @@ libreboot_setup_include() {
libreboot_setup_variables() {
local vboot_tools_path="$(project_install_path 'vboot' 'tools')"
local version_path="${root}/${DOTVERSION}"
- local epoch_path="${root}/${DOTEPOCH}"
- local rnd_seed_path="${root}/${DOTRNDSEED}"
if [[ -z "${VERSION}" ]]; then
if git_check "${root}"; then
@@ -175,6 +173,9 @@ libreboot_setup_variables() {
}
libreboot_setup_reproducible_builds_variables() {
+ local epoch_path="${root}/${DOTEPOCH}"
+ local rnd_seed_path="${root}/${DOTRNDSEED}"
+
# Used by GCC, e.g., -frandom-seed="${RANDOM_SEED}"
if [[ -z "${RANDOM_SEED}" ]]; then
if [[ -f "${rnd_seed_path}" ]]; then