From 799d23521844d92344834aa4586b27285d263f4e Mon Sep 17 00:00:00 2001
From: Axel Burri
Date: Fri, 2 Dec 2022 22:32:17 +0100
Subject: [PATCH] btrbk: remove double-slash from file arguments
Sanitize file (or subvolume path) arguments in safe_cmd, effectively removing leading double slash. Files originating from "volume /" can be assembled as "//some/subvol", which is useful internally but undesired as command arguments, as ancient systems might interpret leading double slash "//" in a special way. Posix states:
> A pathname that begins with two successive slashes may be
> interpreted in an implementation-defined manner, although more than
> two leading slashes shall be treated as a single slash.
---
 btrbk | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/btrbk b/btrbk
index ba77228..719066b 100755
--- a/btrbk
+++ b/btrbk
@@ -806,10 +806,12 @@ sub _safe_cmd($;$)
 $_ = $_->{unsafe};
 die "cannot quote leading dash for command: $_" if(/^-/);
 # NOTE: all files must be absolute
- if($offending) {
- push @$offending, $_ unless(defined(check_file($_, { absolute => 1 })));
+ my $file = check_file($_, { absolute => 1 }, sanitize => 1 );
+ unless(defined($file)) {
+ die "uncaught unsafe file: $_" unless($offending);
+ push @$offending, $_;
 }
- $_ = $prefix . quoteshell($_) . $postfix;
+ $_ = $prefix . quoteshell($file // $_) . $postfix;
 }
 $_
 } @$aref;
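Review bot: In the final assignment, `quoteshell($file // $_)` still builds the command string from the rejected, unsanitized value whenever `check_file` returns undef and the caller supplied `$offending`, so safety on that path depends entirely on the caller inspecting `@$offending` before running the result. The callers are outside this hunk, so it cannot be confirmed here that each of them does so; a comment above the assignment would make the contract explicit, e.g. `# NOTE: on check_file failure the raw value is still quoted; callers passing $offending MUST abort if it is non-empty`. The call `check_file($_, { absolute => 1 }, sanitize => 1 )` also mixes a hashref with a flat option pair, which presumably matches check_file's signature (not visible here) but is worth a quick check. The body of `_safe_cmd` starts before the hunk and ends after it.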