From c741c6fc3aaa8b75a434faa143c06dd059970d41 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 29 Nov 2011 08:52:12 +0100
Subject: Make sure HOME et al have no unsafe characters.

---
 autogen.sh | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'autogen.sh')

diff --git a/autogen.sh b/autogen.sh
index f4a1de70f..8a424bce5 100755
--- a/autogen.sh
+++ b/autogen.sh
@@ -47,6 +47,26 @@ if test x"$1" = x"--force"; then
   shift
 fi
 
+# Reject unsafe characters in $HOME, $tsdir and cwd.  We consider spaces
+# as unsafe because it is too easy to get scripts wrong in this regard.
+am_lf='
+'
+case `pwd` in
+  *[\;\\\"\#\$\&\'\`$am_lf\ \	]*)
+    echo "unsafe working directory name"; DIE=yes;;
+esac
+case $tsdir in
+  *[\;\\\"\#\$\&\'\`$am_lf\ \	]*)
+    echo "unsafe source directory: \`$tsdir'"; DIE=yes;;
+esac
+case $HOME in
+  *[\;\\\"\#\$\&\'\`$am_lf\ \	]*)
+    echo "unsafe home directory: \`$HOME'"; DIE=yes;;
+esac
+if test "$DIE" = "yes"; then
+  exit 1
+fi
+
 # Begin list of optional variables sourced from ~/.gnupg-autogen.rc
 w32_toolprefixes=
 w32_extraoptions=
-- 
cgit v1.2.3