summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZach White <skullydazed@users.noreply.github.com>2020-05-09 20:08:13 -0700
committerFlorian Didron <fdidron@users.noreply.github.com>2020-06-12 17:00:27 +0900
commita45989a93e432dc43e3dc4928b4338615596732c (patch)
treedd9fa3098410d18d5ba9af627989a1db8c5c3018
parentebc8349609412fb561359b50eebb2282876ac6ed (diff)
Improve security of avrdude by eliminating the use of well-known names. (#9026)
* Improve security by eliminating the use of well-known names. * Add an additional $ so the shell expands $TMP1 and $TMP2 Co-authored-by: Joel Challis <git@zvecr.com> Co-authored-by: Joel Challis <git@zvecr.com>
-rw-r--r--tmk_core/avr.mk13
1 files changed, 8 insertions, 5 deletions
diff --git a/tmk_core/avr.mk b/tmk_core/avr.mk
index 12aa709a24..e5068d92ec 100644
--- a/tmk_core/avr.mk
+++ b/tmk_core/avr.mk
@@ -156,17 +156,20 @@ dfu-split-right: $(BUILD_DIR)/$(TARGET).hex cpfirmware check-size
define EXEC_AVRDUDE
USB= ;\
if $(GREP) -q -s Microsoft /proc/version; then \
- echo 'ERROR: AVR flashing cannot be automated within the Windows Subsystem for Linux (WSL) currently. Instead, take the .hex file generated and flash it using AVRDUDE, AVRDUDESS, or XLoader.'; \
+ echo 'ERROR: AVR flashing cannot be automated within the Windows Subsystem for Linux (WSL) currently. Instead, take the .hex file generated and flash it using QMK Toolbox, AVRDUDE, AVRDUDESS, or XLoader.'; \
else \
printf "Detecting USB port, reset your controller now."; \
- ls /dev/tty* > /tmp/1; \
+ TMP1=`mktemp`; \
+ TMP2=`mktemp`; \
+ ls /dev/tty* > $$TMP1; \
while [ -z $$USB ]; do \
sleep 0.5; \
printf "."; \
- ls /dev/tty* > /tmp/2; \
- USB=`comm -13 /tmp/1 /tmp/2 | $(GREP) -o '/dev/tty.*'`; \
- mv /tmp/2 /tmp/1; \
+ ls /dev/tty* > $$TMP2; \
+ USB=`comm -13 $$TMP1 $$TMP2 | $(GREP) -o '/dev/tty.*'`; \
+ mv $$TMP2 $$TMP1; \
done; \
+ rm $$TMP2 $$TMP1; \
echo ""; \
echo "Device $$USB has appeared; assuming it is the controller."; \
if $(GREP) -q -s 'MINGW\|MSYS' /proc/version; then \