btrbk: remove double-slash from file arguments

Sanitize file (or subvolume path) arguments in safe_cmd, effectively removing leading double slash. Files originating from "volume /" can be assembled as "//some/subvol", which is useful internally but undesired as command arguments, as ancient systems might interpret leading double slash "//" in a special way. Posix states: > A pathname that begins with two successive slashes may be > interpreted in an implementation-defined manner, although more than > two leading slashes shall be treated as a single slash.
digint · Dec 2, 2022 · 142fa6c · 142fa6c
1 parent c0d6a41
commit 142fa6c
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/btrbk b/btrbk
@@ -809,10 +809,12 @@ sub _safe_cmd($;$)
       $_ = $_->{unsafe};
       die "cannot quote leading dash for command: $_" if(/^-/);
       # NOTE: all files must be absolute
-      if($offending) {
-        push @$offending, $_ unless(defined(check_file($_, { absolute => 1 })));
+      my $file = check_file($_, { absolute => 1 }, sanitize => 1 );
+      unless(defined($file)) {
+        die "uncaught unsafe file: $_" unless($offending);
+        push @$offending, $_;
       }
-      $_ = $prefix . quoteshell($_) . $postfix;
+      $_ = $prefix . quoteshell($file // $_) . $postfix;
     }
     $_
   } @$aref;