On Tue, Aug 28, 2007 at 03:00:30AM +0400, Aleksey Morozov wrote: > Update of /people/morozov/packages/gear.git [...] > Full diff since `1.2.5-alt1' follows: [...] > --- a/gear-sh-functions.in > +++ b/gear-sh-functions.in [...] > get_NVR_from_spec() > { > local spec="$1" && shift > + local arg=${rpm_rclist:--q} # extra -q does't affect anything > > - spec_name="$(sed '/^name:[[:space:]]*/I!d;s///;q' "$spec")" > - spec_version="$(sed '/^version:[[:space:]]*/I!d;s///;q' "$spec")" > - spec_release="$(sed '/^release:[[:space:]]*/I!d;s///;q' "$spec")" > + spec_name=$($RPM "$arg" -q --qf '%{NAME}' --specfile "$spec") > + spec_version=$($RPM "$arg" -q --qf '%{VERSION}' --specfile "$spec") > + spec_release=$($RPM "$arg" -q --qf '%{RELEASE}' --specfile "$spec")

This change contradicts the architecture of gear. rpmquery --specfile makes it possible to execute arbitrary code.

-- ldv
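
Review bot: the added `--specfile "$spec"` queries in get_NVR_from_spec() hand the spec to rpm's parser three times just to read name, version and release, and as the reply points out, that path allows arbitrary code execution, whereas the removed sed lines only read text from the file. If macro-expanded values are really needed, run the query in an isolated, unprivileged environment instead of inline in gear-sh-functions; otherwise keep the sed extraction. Separately, `"$arg"` is quoted, so an rpm_rclist value containing more than one word would reach rpm as a single argument, and the comment on that line has a typo ("does't").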