Avoid "eval" when setting XZ_VERSION.

The xz man page has the example that uses "eval". Due to the XZ Utils backdoor incident, the use of "eval" it understandably makes people worried. The new method is more robust in case XZ_OPT or XZ_DEFAULTS contain options that usually shouldn't be there. For example, with XZ_OPT=--help the "eval" method would execute the --help output.
author: Lasse Collin <lasse.collin@tukaani.org> 2024-04-03 19:34:10 +0300
committer: Lasse Collin <lasse.collin@tukaani.org> 2024-04-03 19:34:10 +0300
commit: ee4f9743b1652df49a343bb9be15f98ba60abbbb (patch)
tree: 1069a5ab9eb4b20ac983ee11f7048296a1f8739f
parent: 62d5603b5114c5aa8bb5f6bb461efbe0e3b51891 (diff)
download: xz-embedded-ee4f9743b1652df49a343bb9be15f98ba60abbbb.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/linux/scripts/xz_wrap.sh b/linux/scripts/xz_wrap.sh
index 5bdf0c3..c09a83a 100755
--- a/linux/scripts/xz_wrap.sh
+++ b/linux/scripts/xz_wrap.sh
@@ -31,9 +31,9 @@ is_enabled()
 	grep -q "^$1=y$" include/config/auto.conf
 }
 
-# Set XZ_VERSION (and LIBLZMA_VERSION). This is needed to disable features
-# that aren't available in old XZ Utils versions.
-eval "$($XZ --robot --version)" || exit
+# XZ_VERSION is needed to disable features that aren't available in
+# old XZ Utils versions.
+XZ_VERSION=$($XZ --robot --version | sed -n 's/^XZ_VERSION=//p') || exit
 
 # Assume that no BCJ filter is available.
 BCJ=
author	Lasse Collin <lasse.collin@tukaani.org>	2024-04-03 19:34:10 +0300
committer	Lasse Collin <lasse.collin@tukaani.org>	2024-04-03 19:34:10 +0300
commit	ee4f9743b1652df49a343bb9be15f98ba60abbbb (patch)
tree	1069a5ab9eb4b20ac983ee11f7048296a1f8739f
parent	62d5603b5114c5aa8bb5f6bb461efbe0e3b51891 (diff)
download	xz-embedded-ee4f9743b1652df49a343bb9be15f98ba60abbbb.tar.gz