Quote var/cmd output in shell script to prevent word splitting

5 years ago · 3ea7dd925c
parent eaf9f3b8cb
commit 3ea7dd925c
4 changed files with 8 additions and 8 deletions
--- a/dnscrypt-wrapper.sh
+++ b/dnscrypt-wrapper.sh
@ -10,7 +10,7 @@ prune() {
 }

 rotation_needed() {
-    if [ $(/usr/bin/find "$STKEYS_DIR" -name '*.cert' -type f -cmin -720 -print -quit | wc -l | sed 's/[^0-9]//g') -le 0 ]; then
+    if [ "$(/usr/bin/find "$STKEYS_DIR" -name '*.cert' -type f -cmin -720 -print -quit | wc -l | sed 's/[^0-9]//g')" -le 0 ]; then
        echo true
    else
        echo false
@ -54,7 +54,7 @@ provider_name=$(cat "$KEYS_DIR/provider_name")

 mkdir -p "$STKEYS_DIR"
 prune
-[ $(rotation_needed) = true ] && new_key
+[ "$(rotation_needed)" = true ] && new_key

 [ -r "$BLACKLIST" ] && blacklist_opt="--blacklist-file=${BLACKLIST}"

@ -64,5 +64,5 @@ exec /opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper \
    --resolver-address=127.0.0.1:553 \
    --provider-name="$provider_name" \
    --provider-cert-file="$(stcerts_files)" \
-    --crypt-secretkey-file=$(stkeys_files) \
+    --crypt-secretkey-file="$(stkeys_files)" \
    $blacklist_opt
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -9,7 +9,7 @@ KEYS_DIR="/opt/dnscrypt-wrapper/etc/keys"
 # -N provider-name -E external-ip-address:port

 init() {
-    if [ $(is_initialized) = yes ]; then
+    if [ "$(is_initialized)" = yes ]; then
        start
        exit $?
    fi
@ -73,7 +73,7 @@ is_initialized() {
 }

 ensure_initialized() {
-    if [ $(is_initialized) = no ]; then
+    if [ "$(is_initialized)" = no ]; then
        echo "Please provide an initial configuration (init -N <provider_name> -E <external IP>)" >&2
        exit 1
    fi
--- a/key-rotation.sh
+++ b/key-rotation.sh
@ -6,13 +6,13 @@ KEYS_DIR="/opt/dnscrypt-wrapper/etc/keys"
 STKEYS_DIR="${KEYS_DIR}/short-term"

 rotation_needed() {
-    if [ $(/usr/bin/find "$STKEYS_DIR" -type f -cmin -720 -print -quit | wc -l | sed 's/[^0-9]//g') -le 0 ]; then
+    if [ "$(/usr/bin/find "$STKEYS_DIR" -type f -cmin -720 -print -quit | wc -l | sed 's/[^0-9]//g')" -le 0 ]; then
        echo true
    else
        echo false
    fi
 }

-[ $(rotation_needed) = true ] || exit 0
+[ "$(rotation_needed)" = true ] || exit 0
 sv status dnscrypt-wrapper | egrep -q '^run:' || exit 0
 sv restart dnscrypt-wrapper
--- a/unbound.sh
+++ b/unbound.sh
@ -13,7 +13,7 @@ availableMemory=$(($availableMemory - $reserved))
 msg_cache_size=$(($availableMemory / 3))
 rr_cache_size=$(($availableMemory / 3))
 nproc=$(nproc)
-if [ $nproc -gt 1 ]; then
+if [ "$nproc" -gt 1 ]; then
    threads=$(($nproc - 1))
 else
    threads=1