tools: shellcheck-ify tool scripts

diff --git a/configure b/configure
index fb9d01e1a79461559bedf40efe9aafe2a7b40410..e130c6cb142c1d3d0d30d9aebf4281a01064fe25 100755 (executable)
--- a/configure
+++ b/configure
@@ -2,22 +2,23 @@
 # SPDX-License-Identifier: LGPL-2.1-or-later
 set -e
 
-cflags=CFLAGS="$CFLAGS"
-cxxflags=CXXFLAGS="$CXXFLAGS"
-declare -a args
-j=0
-for i in "$@"; do
-    case "$i" in
+cflags="CFLAGS=${CFLAGS-}"
+cxxflags="CXXFLAGS=${CXXFLAGS-}"
+args=()
+
+for arg in "$@"; do
+    case "$arg" in
         CFLAGS=*)
-            cflags="$i";;
+            cflags="$arg"
+            ;;
         CXXFLAGS=*)
-            cxxflags="$i";;
-       *)
-           args[$j]="$i"
-           j=$((j+1))
+            cxxflags="$arg"
+            ;;
+        *)
+            args+=("$arg")
     esac
 done
 
-export "$cflags" "$cxxflags"
+export "${cflags?}" "${cxxflags?}"
 set -x
 exec meson build "${args[@]}"

diff --git a/tools/get-coverity.sh b/tools/get-coverity.sh
index 8f84aec80e94294a86bd0447c6a20cc6b7e727ec..00219bf60fed15335e3b7a0215f4e3ab21b063ce 100755 (executable)
--- a/tools/get-coverity.sh
+++ b/tools/get-coverity.sh
@@ -3,33 +3,37 @@
 
 # Download and extract coverity tool
 
+set -e
+set -o pipefail
+
 # Environment check
-[ -z "$COVERITY_SCAN_TOKEN" ] && echo 'ERROR: COVERITY_SCAN_TOKEN must be set' && exit 1
+if [ -z "$COVERITY_SCAN_TOKEN" ]; then
+    echo >&2 'ERROR: COVERITY_SCAN_TOKEN must be set'
+    exit 1
+fi
 
 # Use default values if not set
-PLATFORM=$(uname)
-
-TOOL_BASE=${TOOL_BASE:="/tmp/coverity-scan-analysis"}
-TOOL_ARCHIVE=${TOOL_ARCHIVE:="/tmp/cov-analysis-${PLATFORM}.tgz"}
-
+PLATFORM="$(uname)"
+TOOL_BASE="${TOOL_BASE:-/tmp/coverity-scan-analysis}"
+TOOL_ARCHIVE="${TOOL_ARCHIVE:-/tmp/cov-analysis-${PLATFORM}.tgz}"
 TOOL_URL="https://scan.coverity.com/download/${PLATFORM}"
 
 # Make sure wget is installed
 sudo apt-get update && sudo apt-get -y install wget
 
 # Get coverity tool
-if [ ! -d $TOOL_BASE ]; then
+if [ ! -d "$TOOL_BASE" ]; then
     # Download Coverity Scan Analysis Tool
-    if [ ! -e $TOOL_ARCHIVE ]; then
-       echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m"
-       wget -nv -O $TOOL_ARCHIVE $TOOL_URL --post-data "project=$COVERITY_SCAN_PROJECT_NAME&token=$COVERITY_SCAN_TOKEN"
+    if [ ! -e "$TOOL_ARCHIVE" ]; then
+        echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m"
+        wget -nv -O "$TOOL_ARCHIVE" "$TOOL_URL" --post-data "project=$COVERITY_SCAN_PROJECT_NAME&token=$COVERITY_SCAN_TOKEN"
     fi
 
     # Extract Coverity Scan Analysis Tool
     echo -e "\033[33;1mExtracting Coverity Scan Analysis Tool...\033[0m"
-    mkdir -p $TOOL_BASE
-    pushd $TOOL_BASE
-    tar xzf $TOOL_ARCHIVE
+    mkdir -p "$TOOL_BASE"
+    pushd "$TOOL_BASE"
+    tar xzf "$TOOL_ARCHIVE"
     popd
 fi
 

diff --git a/tools/meson-build.sh b/tools/meson-build.sh
index 26f995dfc1db8147aa0118e975f4ffe445f9ea06..6d45e89a06d3ed18d7acc2b19ecbfd5e27b66c77 100755 (executable)
--- a/tools/meson-build.sh
+++ b/tools/meson-build.sh
@@ -9,13 +9,14 @@ options="$4"
 CC="$5"
 CXX="$6"
 
+# shellcheck disable=SC2086
 [ -f "$dst/ninja.build" ] || CC="$CC" CXX="$CXX" meson "$src" "$dst" $options
 
 # Locate ninja binary, on CentOS 7 it is called ninja-build, so
 # use that name if available.
-ninja=ninja
+ninja="ninja"
 if which ninja-build >/dev/null 2>&1 ; then
-    ninja=ninja-build
+    ninja="ninja-build"
 fi
 
 "$ninja" -C "$dst" "$target"

diff --git a/tools/oss-fuzz.sh b/tools/oss-fuzz.sh
index 767da15f7c7f7e249f1eccd7167fd98287dae6a2..d9cfcf8f3b59ceae74456aca70b1b30f02bea8e0 100755 (executable)
--- a/tools/oss-fuzz.sh
+++ b/tools/oss-fuzz.sh
@@ -21,11 +21,11 @@ export LDFLAGS=${LDFLAGS:--L${clang_lib}}
 
 export WORK=${WORK:-$(pwd)}
 export OUT=${OUT:-$(pwd)/out}
-mkdir -p $OUT
+mkdir -p "$OUT"
 
-build=$WORK/build
-rm -rf $build
-mkdir -p $build
+build="$WORK/build"
+rm -rf "$build"
+mkdir -p "$build"
 
 if [ -z "$FUZZING_ENGINE" ]; then
     fuzzflag="llvm-fuzz=true"
@@ -38,28 +38,28 @@ else
     fi
 fi
 
-if ! meson $build -D$fuzzflag -Db_lundef=false; then
-    cat $build/meson-logs/meson-log.txt
+if ! meson "$build" "-D$fuzzflag" -Db_lundef=false; then
+    cat "$build/meson-logs/meson-log.txt"
     exit 1
 fi
 
-ninja -v -C $build fuzzers
+ninja -v -C "$build" fuzzers
 
 # The seed corpus is a separate flat archive for each fuzzer,
 # with a fixed name ${fuzzer}_seed_corpus.zip.
 for d in "$(dirname "$0")/../test/fuzz/fuzz-"*; do
-    zip -jqr $OUT/$(basename "$d")_seed_corpus.zip "$d"
+    zip -jqr "$OUT/$(basename "$d")_seed_corpus.zip" "$d"
 done
 
 # get fuzz-dns-packet corpus
-df=$build/dns-fuzzing
-git clone --depth 1 https://github.com/CZ-NIC/dns-fuzzing $df
-zip -jqr $OUT/fuzz-dns-packet_seed_corpus.zip $df/packet
+df="$build/dns-fuzzing"
+git clone --depth 1 https://github.com/CZ-NIC/dns-fuzzing "$df"
+zip -jqr "$OUT/fuzz-dns-packet_seed_corpus.zip" "$df/packet"
 
-install -Dt $OUT/src/shared/ $build/src/shared/libsystemd-shared-*.so
+install -Dt "$OUT/src/shared/" "$build"/src/shared/libsystemd-shared-*.so
 
-wget -O $OUT/fuzz-json.dict https://raw.githubusercontent.com/rc0r/afl-fuzz/master/dictionaries/json.dict
+wget -O "$OUT/fuzz-json.dict" https://raw.githubusercontent.com/rc0r/afl-fuzz/master/dictionaries/json.dict
 
-find $build -maxdepth 1 -type f -executable -name "fuzz-*" -exec mv {} $OUT \;
-find src -type f -name "fuzz-*.dict" -exec cp {} $OUT \;
-cp src/fuzz/*.options $OUT
+find "$build" -maxdepth 1 -type f -executable -name "fuzz-*" -exec mv {} "$OUT" \;
+find src -type f -name "fuzz-*.dict" -exec cp {} "$OUT" \;
+cp src/fuzz/*.options "$OUT"

diff --git a/units/meson-add-wants.sh b/units/meson-add-wants.sh
index f6424fe29f0573fc7f74c74f1f84b4acc0272c79..6d8da57402e4199518588e7f8e78b3937e48889f 100755 (executable)
--- a/units/meson-add-wants.sh
+++ b/units/meson-add-wants.sh
@@ -1,5 +1,6 @@
 #!/bin/sh
 # SPDX-License-Identifier: LGPL-2.1-or-later
+# shellcheck disable=SC2154,SC2174
 set -eu
 
 i=1