[bug#30572] [PATCH 5/7] guix: Rewrite build-docker-image to allow more p

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#30572] [PATCH 5/7] guix: Rewrite build-docker-image to allow more p

From:	Chris Marusich
Subject:	[bug#30572] [PATCH 5/7] guix: Rewrite build-docker-image to allow more paths.
Date:	Tue, 20 Mar 2018 04:26:00 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)

Danny Milosavljevic <address@hidden> writes:

>> +  (define (sanitize path-fragment)
>> +    (escape-special-chars
>> +     ;; GNU tar strips the leading slash off of absolute paths before 
>> applying
>> +     ;; the transformations, so we need to do the same, or else our
>> +     ;; replacements won't match any paths.
>> +     (string-trim path-fragment #\/)
>> +     ;; Escape the basic regexp special characters (see: "(sed) BRE 
>> syntax").
>> +     ;; We also need to escape "/" because we use it as a delimiter.
>> +     "/*.^$[]\\"
>> +     #\\))
>
> I'm not such a fan of using blacklist.  Those can easily get out of sync and
> nobody notices.  But in this case I guess people take care not to extend
> basic regexp special characters in sed (tar) without the user specifying a 
> flag
> requiring it.

That's a good point.  However, I think we're OK here, since we are in
full control over how we invoke tar.  To give us full control over how
we invoke tar, I specifically took care to hide the fact that we are
using tar under the covers to do the transformations.  Even if tar
silently changes its contract (that seems unlikely to me), we can just
change our code accordingly, and callers will be none the wiser.

-- 
Chris

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#30572] [PATCH 1/7] gnu: bootstrap: Add trivial packages for bash, mkdir, tar, and xz., (continued)
- [bug#30572] [PATCH 3/7] vm: Allow control of deduplication in root-partition-initializer., Chris Marusich, 2018/03/15
  - [bug#30572] [PATCH 3/7] vm: Allow control of deduplication in root-partition-initializer., Danny Milosavljevic, 2018/03/16
  - [bug#30572] [PATCH 3/7] vm: Allow control of deduplication in root-partition-initializer., Ludovic Courtès, 2018/03/17
- [bug#30572] [PATCH 5/7] guix: Rewrite build-docker-image to allow more paths., Chris Marusich, 2018/03/15
  - [bug#30572] [PATCH 5/7] guix: Rewrite build-docker-image to allow more paths., Danny Milosavljevic, 2018/03/16
    - [bug#30572] [PATCH 5/7] guix: Rewrite build-docker-image to allow more paths., Chris Marusich <=
- [bug#30572] [PATCH 7/7] tests: Add tests for "guix system disk-image" et al., Chris Marusich, 2018/03/15
  - [bug#30572] [PATCH 7/7] tests: Add tests for "guix system disk-image" et al., Danny Milosavljevic, 2018/03/16
- [bug#30572] [PATCH 4/7] gnu: When building in a VM, share a temporary directory., Chris Marusich, 2018/03/15
  - [bug#30572] [PATCH 4/7] gnu: When building in a VM, share a temporary directory., Danny Milosavljevic, 2018/03/16
    - [bug#30572] [PATCH 4/7] gnu: When building in a VM, share a temporary directory., Chris Marusich, 2018/03/19
- [bug#30572] [PATCH 6/7] system: Add "guix system docker-image" command., Chris Marusich, 2018/03/15
  - [bug#30572] [PATCH 6/7] system: Add "guix system docker-image" command., Danny Milosavljevic, 2018/03/16
  - [bug#30572] [PATCH 6/7] system: Add "guix system docker-image" command., Ludovic Courtès, 2018/03/17
    - [bug#30572] [PATCH 6/7] system: Add "guix system docker-image" command., Chris Marusich, 2018/03/20
    - [bug#30572] [PATCH 6/7] system: Add "guix system docker-image" command., Chris Marusich, 2018/03/21

Prev by Date: [bug#30572] [PATCH 4/7] gnu: When building in a VM, share a temporary directory.
Next by Date: bug#30850: Git Patch for CRAN-abbyyR [Outreachy]
Previous by thread: [bug#30572] [PATCH 5/7] guix: Rewrite build-docker-image to allow more paths.
Next by thread: [bug#30572] [PATCH 7/7] tests: Add tests for "guix system disk-image" et al.
Index(es):
- Date
- Thread