base-files: sysupgrade: quote source image name
authorJohn Crispin <john@openwrt.org>
Mon, 14 Sep 2015 20:09:06 +0000 (20:09 +0000)
committerJohn Crispin <john@openwrt.org>
Mon, 14 Sep 2015 20:09:06 +0000 (20:09 +0000)
get_image() eval a filename without quoting it, resulting in errors with
filenames containing characters that need to be escaped.
    $ sysupgrade -T -f ./cfg\(12\).tar.gz img.bin; echo $?
    Image check 'platform_check_image' failed.
    Invalid config file. Please use only .tar.gz files
    1
    $ mv cfg\(12\).tar.gz cfg_12.tar.gz
    $ mv img\(1\).bin img.bin
    sysupgrade -T -f ./cfg_12.tar.gz img.bin; echo $?
    0

Enclose the content of $from in double quotes.

Signed-off-by: Adrien Schildknecht <adrien+dev@schischi.me>
SVN-Revision: 46919

package/base-files/files/lib/upgrade/common.sh

index 189ef69..761b4c1 100644 (file)
@@ -184,14 +184,14 @@ get_image() { # <source> [ <command> ]
                *) cmd="cat";;
        esac
        if [ -z "$conc" ]; then
-               local magic="$(eval $cmd $from 2>/dev/null | dd bs=2 count=1 2>/dev/null | hexdump -n 2 -e '1/1 "%02x"')"
+               local magic="$(eval $cmd \"$from\" 2>/dev/null | dd bs=2 count=1 2>/dev/null | hexdump -n 2 -e '1/1 "%02x"')"
                case "$magic" in
                        1f8b) conc="zcat";;
                        425a) conc="bzcat";;
                esac
        fi
 
-       eval "$cmd $from 2>/dev/null ${conc:+| $conc}"
+       eval "$cmd \"$from\" 2>/dev/null ${conc:+| $conc}"
 }
 
 get_magic_word() {