From a7be451e16958d8ec71d93b8ce296508dec817d7 Mon Sep 17 00:00:00 2001 From: shenmo Date: Wed, 19 Nov 2025 23:45:58 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=EF=BC=9A=E6=97=A0=E6=B3=95?= =?UTF-8?q?=E5=90=AF=E5=8A=A8=E5=B8=A6=E6=9C=89=E7=A9=BA=E6=A0=BC=E7=9A=84?= =?UTF-8?q?=E5=BA=94=E7=94=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/usr/bin/apm | 2 +- src/var/lib/apm/apm/files/ace-run | 23 ++++++++++++----------- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/src/usr/bin/apm b/src/usr/bin/apm index 07fc212..440b5db 100755 --- a/src/usr/bin/apm +++ b/src/usr/bin/apm @@ -111,7 +111,7 @@ apm_exec(){ fuse-overlayfs -o lowerdir="$lowerdir",upperdir="${PATH_PREFIX}/var/lib/apm/${coredir}/files/core/",workdir="${PATH_PREFIX}/var/lib/apm/${coredir}/files/work/" "/tmp/apm/${coredir}" # 执行命令 - chrootEnvPath="/tmp/apm/${coredir}" ${APM_RUN_EXEC} "$@" + chrootEnvPath="/tmp/apm/${coredir}" "${APM_RUN_EXEC}" "$@" # 卸载 umount "/tmp/apm/${coredir}" diff --git a/src/var/lib/apm/apm/files/ace-run b/src/var/lib/apm/apm/files/ace-run index bbf518d..629a974 100755 --- a/src/var/lib/apm/apm/files/ace-run +++ b/src/var/lib/apm/apm/files/ace-run @@ -45,18 +45,19 @@ if [ "${APM_USE_SANDBOX:-0}" = "1" ]; then ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir MUSIC)) fi -#### This part is for args pharm -if [ "$1" = "" ];then -container_command="bash" +if [ $# -eq 0 ]; then + container_command="bash" else -container_command="$1" -shift -for arg in "$@"; do - arg="$(echo "${arg}x" | sed 's|'\''|'\'\\\\\'\''|g')" - arg="${arg%x}" - container_command="${container_command} '${arg}'" -done + # 正确转义所有参数,处理空格和特殊字符 + container_command="" + for arg in "$@"; do + # 使用 printf %q 进行安全的 shell 转义 + escaped_arg="$(printf "%q" "$arg")" + container_command="${container_command} ${escaped_arg}" + done + container_command="${container_command# }" # 移除开头的空格 fi + ######################################################################################### ##########合成bwrap 1. 基础函数配置段 # 初始化 EXEC_COMMAND 为 bwrap 基础指令 @@ -198,4 +199,4 @@ add_command "bash -c \"${container_command}\"" # echo "${EXEC_COMMAND}" # 注意: 实际执行时,请确保所有变量(如 $uid, $chrootEnvPath 等)都已正确定义 -eval ${EXEC_COMMAND} \ No newline at end of file +eval "${EXEC_COMMAND}" \ No newline at end of file