nhm-tool: generate more secure Makefile

with variables surrounded by commas in shell parts

Author: lyokha

haskell/ngx-export-distribution/Changelog.md

@@ -2,6 +2,8 @@
 
 - *nhm-tool*: add command *plan* to print the build plan or its derivatives.
  Command *deps* is now a synonym for command *plan deps*.
+- *nhm-tool*: generate more secure *Makefile* with variables surrounded by
+ commas in shell parts.
 
 ### 0.5.6.0
 

haskell/ngx-export-distribution/nhm-tool.hs

@@ -545,11 +545,11 @@ makefile InitData {..} = T.concat
  \LIB := $(NAME).so\n\
  \DISTR := $(PKGNAME)-$(PKGVER).tar.gz\n\
  \\n\
- \OBJS := $(SRC:.hs=.o)\n\
- \HIOBJS := $(SRC:.hs=.hi)\n\
- \DYNOBJS := $(SRC:.hs=.dyn_o)\n\
- \DYNHIOBJS := $(SRC:.hs=.dyn_hi)\n\
- \STUBS := $(SRC:.hs=_stub.h)\n\
+ \override OBJS := $(SRC:.hs=.o)\n\
+ \override HIOBJS := $(SRC:.hs=.hi)\n\
+ \override DYNOBJS := $(SRC:.hs=.dyn_o)\n\
+ \override DYNHIOBJS := $(SRC:.hs=.dyn_hi)\n\
+ \override STUBS := $(SRC:.hs=_stub.h)\n\
  \\n\
  \GHC := ghc\n\
  \CABAL := cabal\n\
@@ -582,53 +582,53 @@ makefile InitData {..} = T.concat
  \config: $(SETUPCONFIG)\n\
  \\n\
  \$(GHCENVLNK): cabal.project $(PKGNAME).cabal\n\
- \\trm -f $(GHCENVLNK)\n\
+ \\trm -f \"$(GHCENVLNK)\"\n\
  \\t$(CABAL) install --builddir=\"$(BUILDDIR)\" --lib --only-dependencies \
  \\\\n\
  \\t --package-env .\n\
- \\tsed -i 's/\\(^package-id \\)/--\\1/' $(GHCENV)\n",
+ \\tsed -i 's/\\(^package-id \\)/--\\1/' \"$(GHCENV)\"\n",
  updatePath,
- "\t$(NHMTOOL) deps $(PKGNAME) -d \"$(BUILDDIR)\" >> $(GHCENV)\n\
- \\tln -sf $(GHCENV) $(GHCENVLNK)\n\
+ "\t$(NHMTOOL) deps \"$(PKGNAME)\" -d \"$(BUILDDIR)\" >> \"$(GHCENV)\"\n\
+ \\tln -sf \"$(GHCENV)\" \"$(GHCENVLNK)\"\n\
  \\n\
  \$(SETUPCONFIG): $(GHCENVLNK)\n",
  updatePath,
  "\trunhaskell --ghc-arg=-package=base \\\n\
- \\t --ghc-arg=-package=$(PKGDISTR) Setup.hs configure \\\n\
+ \\t --ghc-arg=-package=\"$(PKGDISTR)\" Setup.hs configure \\\n\
  \\t --builddir=\"$(BUILDDIR)\" \\\n\
  \\t --package-db=clear --package-db=global \\\n\
- \\t $$(sed -n 's/^\\(package-db\\)\\s\\+/--\\1=/p' $(GHCENV)) \\\n\
+ \\t $$(sed -n 's/^\\(package-db\\)\\s\\+/--\\1=/p' \"$(GHCENV)\") \\\n\
  \\t $$(sed -n 's/^package-id\\s\\+\\(.*\\)'` \\\n\
  \\t `'\\(-\\([0-9]\\+\\.\\)*[0-9]\\+\\($$\\|-.*\\)\\)/'` \\\n\
  \\t `'--dependency=\\1=\\1\\2/p' \\\n\
- \\t $(GHCENV)) \\\n\
- \\t --prefix=$(PREFIX)\n\
+ \\t \"$(GHCENV)\") \\\n\
+ \\t --prefix=\"$(PREFIX)\"\n\
  \\n\
  \$(DISTR): $(SETUPCONFIG) $(SRC)\n",
  updatePath,
  "\trunhaskell --ghc-arg=-package=base \\\n\
- \\t --ghc-arg=-package=$(PKGDISTR) Setup.hs build \\\n\
+ \\t --ghc-arg=-package=\"$(PKGDISTR)\" Setup.hs build \\\n\
  \\t --builddir=\"$(BUILDDIR)\" \\\n\
  \\t --ghc-options=\"$(SRC) -o $(LIB) $(LINKRTS)\"\n\
  \\n\
  \install: $(DISTR)\n\
- \\tinstall -d $(PREFIX)\n\
- \\ttar xf $(DISTR) -C $(PREFIX) --no-same-owner\n\
+ \\tinstall -d \"$(PREFIX)\"\n\
+ \\ttar xf \"$(DISTR)\" -C \"$(PREFIX)\" --no-same-owner\n\
  \\n\
  \clean:\n\
- \\trm -rf $(DEPLIBS)\n\
+ \\trm -rf \"$(DEPLIBS)\"\n\
  \\trm -f $(OBJS) $(HIOBJS) $(DYNOBJS) $(DYNHIOBJS) $(STUBS)\n\
- \\trm -f $(LIB)\n\
+ \\trm -f \"$(LIB)\"\n\
  \\n\
  \clean-all: clean\n\
- \\trm -rf $(BUILDDIR)\n\
- \\trm -f $(GHCENV) $(GHCENVLNK) $(DISTR)\n"
+ \\trm -rf \"$(BUILDDIR)\"\n\
+ \\trm -f \"$(GHCENV)\" \"$(GHCENVLNK)\" \"$(DISTR)\"\n"
  ]
  where updatePath =
  "\tif test \"$(NHMTOOL)\" = nhm-tool && ! command -v nhm-tool \
  \>/dev/null; \\\n\
  \\tthen \\\n\
- \\t PATH=$$(dirname $$($(CABAL) list-bin $(PKGDISTR) \\\n\
+ \\t PATH=$$(dirname $$($(CABAL) list-bin \"$(PKGDISTR)\" \\\n\
  \\t --builddir=\"$(BUILDDIR)\")):$$PATH; \\\n\
  \\tfi; \\\n"
 

haskell/ngx-export-distribution/test/Makefile

@@ -13,11 +13,11 @@ SRC := $(NAME).hs
 LIB := $(NAME).so
 DISTR := $(PKGNAME)-$(PKGVER).tar.gz
 
-OBJS := $(SRC:.hs=.o)
-HIOBJS := $(SRC:.hs=.hi)
-DYNOBJS := $(SRC:.hs=.dyn_o)
-DYNHIOBJS := $(SRC:.hs=.dyn_hi)
-STUBS := $(SRC:.hs=_stub.h)
+override OBJS := $(SRC:.hs=.o)
+override HIOBJS := $(SRC:.hs=.hi)
+override DYNOBJS := $(SRC:.hs=.dyn_o)
+override DYNHIOBJS := $(SRC:.hs=.dyn_hi)
+override STUBS := $(SRC:.hs=_stub.h)
 
 GHC := ghc
 CABAL := cabal
@@ -52,61 +52,61 @@ env: $(GHCENVLNK)
 config: $(SETUPCONFIG)
 
 $(GHCENVLNK): cabal.project $(PKGNAME).cabal
-rm -f $(GHCENVLNK)
+rm -f "$(GHCENVLNK)"
 $(CABAL) install --builddir="$(BUILDDIR)" --lib --only-dependencies \
  --package-env .
 ifeq ($(INPLACE),1)
-$(CABAL) build --builddir="$(BUILDDIR)" $(PKGDISTR)
+$(CABAL) build --builddir="$(BUILDDIR)" "$(PKGDISTR)"
 echo "package-db $$(pwd)/$(BUILDDIR)/packagedb/ghc-$(GHCVER)" >> \
- $(GHCENV)
+ "$(GHCENV)"
 endif
-sed -i 's/\(^package-id \)/--\1/' $(GHCENV)
+sed -i 's/\(^package-id \)/--\1/' "$(GHCENV)"
 if test "$(NHMTOOL)" = nhm-tool && ! command -v nhm-tool >/dev/null; \
 then \
- PATH=$$(dirname $$($(CABAL) list-bin $(PKGDISTR) \
+ PATH=$$(dirname $$($(CABAL) list-bin "$(PKGDISTR)" \
  --builddir="$(BUILDDIR)")):$$PATH; \
 fi; \
-$(NHMTOOL) deps $(PKGNAME) -d "$(BUILDDIR)" >> $(GHCENV)
-ln -sf $(GHCENV) $(GHCENVLNK)
+$(NHMTOOL) deps "$(PKGNAME)" -d "$(BUILDDIR)" >> "$(GHCENV)"
+ln -sf "$(GHCENV)" "$(GHCENVLNK)"
 
 $(SETUPCONFIG): $(GHCENVLNK)
 if test "$(NHMTOOL)" = nhm-tool && ! command -v nhm-tool >/dev/null; \
 then \
- PATH=$$(dirname $$($(CABAL) list-bin $(PKGDISTR) \
+ PATH=$$(dirname $$($(CABAL) list-bin "$(PKGDISTR)" \
  --builddir="$(BUILDDIR)")):$$PATH; \
 fi; \
 runhaskell --ghc-arg=-package=base \
- --ghc-arg=-package=$(PKGDISTR) Setup.hs configure \
+ --ghc-arg=-package="$(PKGDISTR)" Setup.hs configure \
  --builddir="$(BUILDDIR)" \
  --package-db=clear --package-db=global \
- $$(sed -n 's/^\(package-db\)\s\+/--\1=/p' $(GHCENV)) \
+ $$(sed -n 's/^\(package-db\)\s\+/--\1=/p' "$(GHCENV)") \
  $$(sed -n 's/^package-id\s\+\(.*\)'` \
  `'\(-\([0-9]\+\.\)*[0-9]\+\($$\|-.*\)\)/'` \
  `'--dependency=\1=\1\2/p' \
- $(GHCENV)) \
- --prefix=$(PREFIX)
+ "$(GHCENV)") \
+ --prefix="$(PREFIX)"
 
 $(DISTR): $(SETUPCONFIG) $(SRC)
 if test "$(NHMTOOL)" = nhm-tool && ! command -v nhm-tool >/dev/null; \
 then \
- PATH=$$(dirname $$($(CABAL) list-bin $(PKGDISTR) \
+ PATH=$$(dirname $$($(CABAL) list-bin "$(PKGDISTR)" \
  --builddir="$(BUILDDIR)")):$$PATH; \
 fi; \
 runhaskell --ghc-arg=-package=base \
- --ghc-arg=-package=$(PKGDISTR) Setup.hs build \
+ --ghc-arg=-package="$(PKGDISTR)" Setup.hs build \
  --builddir="$(BUILDDIR)" \
  --ghc-options="$(SRC) -o $(LIB) $(LINKRTS)"
 
 install: $(DISTR)
-install -d $(PREFIX)
-tar xf $(DISTR) -C $(PREFIX) --no-same-owner
+install -d "$(PREFIX)"
+tar xf "$(DISTR)" -C "$(PREFIX)" --no-same-owner
 
 clean:
-rm -rf $(DEPLIBS)
+rm -rf "$(DEPLIBS)"
 rm -f $(OBJS) $(HIOBJS) $(DYNOBJS) $(DYNHIOBJS) $(STUBS)
-rm -f $(LIB)
+rm -f "$(LIB)"
 
 clean-all: clean
-rm -rf $(BUILDDIR)
-rm -f $(GHCENV) $(GHCENVLNK) $(DISTR)
+rm -rf "$(BUILDDIR)"
+rm -f "$(GHCENV)" "$(GHCENVLNK)" "$(DISTR)"
 

test/t/Makefile

@@ -13,11 +13,11 @@ SRC := $(NAME).hs
 LIB := $(NAME).so
 DISTR := $(PKGNAME)-$(PKGVER).tar.gz
 
-OBJS := $(SRC:.hs=.o)
-HIOBJS := $(SRC:.hs=.hi)
-DYNOBJS := $(SRC:.hs=.dyn_o)
-DYNHIOBJS := $(SRC:.hs=.dyn_hi)
-STUBS := $(SRC:.hs=_stub.h)
+override OBJS := $(SRC:.hs=.o)
+override HIOBJS := $(SRC:.hs=.hi)
+override DYNOBJS := $(SRC:.hs=.dyn_o)
+override DYNHIOBJS := $(SRC:.hs=.dyn_hi)
+override STUBS := $(SRC:.hs=_stub.h)
 
 GHC := ghc
 CABAL := cabal
@@ -35,6 +35,7 @@ GHCPUID := $(shell \
  else echo "ghc-$(GHCVER)"; \
  fi)
 GHCENV := .ghc.environment.$(MACHINE)-$(KERNEL)-$(GHCVER)
+GHCENVLNK := .ghc.environment.lnk
 DEPLIBS := $(MACHINE)-$(KERNEL)-$(GHCPUID)
 BUILDDIR := dist-nhm
 SETUPCONFIG := $(BUILDDIR)/setup-config
@@ -43,63 +44,65 @@ SETUPCONFIG := $(BUILDDIR)/setup-config
 
 all: $(DISTR)
 
-env: $(GHCENV)
+env: $(GHCENVLNK)
 
 config: $(SETUPCONFIG)
 
-$(GHCENV): cabal.project $(PKGNAME).cabal
+$(GHCENVLNK): cabal.project $(PKGNAME).cabal
+rm -f "$(GHCENVLNK)"
 $(CABAL) install --builddir="$(BUILDDIR)" --lib --only-dependencies \
  --package-env .
 $(CABAL) build --builddir="$(BUILDDIR)" ngx-export
 $(CABAL) build --builddir="$(BUILDDIR)" $(PKGDISTR)
 echo "package-db $$(pwd)/$(BUILDDIR)/packagedb/ghc-$(GHCVER)" >> \
- $(GHCENV)
+ "$(GHCENV)"
 sed -i 's/\(^package-id \)/--\1/' $(GHCENV)
 if test "$(NHMTOOL)" = nhm-tool && ! command -v nhm-tool >/dev/null; \
 then \
- PATH=$$(dirname $$($(CABAL) list-bin $(PKGDISTR) \
+ PATH=$$(dirname $$($(CABAL) list-bin "$(PKGDISTR)" \
  --builddir="$(BUILDDIR)")):$$PATH; \
 fi; \
-$(NHMTOOL) deps $(PKGNAME) -d "$(BUILDDIR)" >> $(GHCENV)
+$(NHMTOOL) deps "$(PKGNAME)" -d "$(BUILDDIR)" >> "$(GHCENV)"
+ln -sf "$(GHCENV)" "$(GHCENVLNK)"
 
-$(SETUPCONFIG): $(GHCENV)
+$(SETUPCONFIG): $(GHCENVLNK)
 if test "$(NHMTOOL)" = nhm-tool && ! command -v nhm-tool >/dev/null; \
 then \
- PATH=$$(dirname $$($(CABAL) list-bin $(PKGDISTR) \
+ PATH=$$(dirname $$($(CABAL) list-bin "$(PKGDISTR)" \
  --builddir="$(BUILDDIR)")):$$PATH; \
 fi; \
 runhaskell --ghc-arg=-package=base \
- --ghc-arg=-package=$(PKGDISTR) Setup.hs configure \
+ --ghc-arg=-package="$(PKGDISTR)" Setup.hs configure \
  --builddir="$(BUILDDIR)" \
  --package-db=clear --package-db=global \
- $$(sed -n 's/^\(package-db\)\s\+/--\1=/p' $(GHCENV)) \
+ $$(sed -n 's/^\(package-db\)\s\+/--\1=/p' "$(GHCENV)") \
  $$(sed -n 's/^package-id\s\+\(.*\)'` \
  `'\(-\([0-9]\+\.\)*[0-9]\+\($$\|-.*\)\)/'` \
  `'--dependency=\1=\1\2/p' \
- $(GHCENV)) \
- --prefix=$(PREFIX)
+ "$(GHCENV)") \
+ --prefix="$(PREFIX)"
 
 $(DISTR): $(SETUPCONFIG) $(SRC)
 if test "$(NHMTOOL)" = nhm-tool && ! command -v nhm-tool >/dev/null; \
 then \
- PATH=$$(dirname $$($(CABAL) list-bin $(PKGDISTR) \
+ PATH=$$(dirname $$($(CABAL) list-bin "$(PKGDISTR)" \
  --builddir="$(BUILDDIR)")):$$PATH; \
 fi; \
 runhaskell --ghc-arg=-package=base \
- --ghc-arg=-package=$(PKGDISTR) Setup.hs build \
+ --ghc-arg=-package="$(PKGDISTR)" Setup.hs build \
  --builddir="$(BUILDDIR)" \
  --ghc-options="$(SRC) -o $(LIB) $(LINKRTS)"
 
 install: $(DISTR)
-install -d $(PREFIX)
-tar xf $(DISTR) -C $(PREFIX) --no-same-owner
+install -d "$(PREFIX)"
+tar xf "$(DISTR)" -C "$(PREFIX)" --no-same-owner
 
 clean:
-rm -rf $(DEPLIBS)
+rm -rf "$(DEPLIBS)"
 rm -f $(OBJS) $(HIOBJS) $(DYNOBJS) $(DYNHIOBJS) $(STUBS)
-rm -f $(LIB)
+rm -f "$(LIB)"
 
 clean-all: clean
-rm -rf $(BUILDDIR)
-rm -f $(GHCENV) $(DISTR)
+rm -rf "$(BUILDDIR)"
+rm -f "$(GHCENV)" "$(GHCENVLNK)" "$(DISTR)"