From: Sebastian Pipping <sebastian@pipping.org>
Date: Fri, 6 Mar 2015 15:51:06 +0000 (+0100)
Subject: Source cmdlineopts.clp from same folder as grml-debootstrap file (issue #59)
X-Git-Tag: v0.69~3
X-Git-Url: https://git.grml.org/?p=grml-debootstrap.git;a=commitdiff_plain;h=7b07013305bea95e8d6db7239c82be09624a11b8;ds=sidebyside

Source cmdlineopts.clp from same folder as grml-debootstrap file (issue #59)

Simplified, this fixes CVE-2015-1378 for everyone but grml-debootstrap developers.
---

diff --git a/grml-debootstrap b/grml-debootstrap
index 2a27c46..f7b85eb 100755
--- a/grml-debootstrap
+++ b/grml-debootstrap
@@ -293,8 +293,9 @@ fi
 
 # cmdline handling {{{
 # source external command line parameter-processing script
-if [ -r ./cmdlineopts.clp ] ; then
-   . ./cmdlineopts.clp
+self_dir="$(dirname "$(which "$0")")"
+if [ -r "${self_dir}"/cmdlineopts.clp ] ; then
+   . "${self_dir}"/cmdlineopts.clp
 elif [ -r /usr/share/grml-debootstrap/functions/cmdlineopts.clp ] ; then
    . /usr/share/grml-debootstrap/functions/cmdlineopts.clp
 else