fix(build-app): bail out if 'mktemp -d' fails instead of cp-ing into '/'

The DMG creation step sets DMG_TMP from 'mktemp -d' with no error check. If mktemp fails (tmpfs full, permissions, TMPDIR misconfigured), DMG_TMP is empty and the very next line — 'cp -a "\$APP_DIR" "\$DMG_TMP/"' — expands to 'cp -a "<app>" "/"', which copies the bundle into the root of the filesystem. Refuse to continue unless mktemp produced a real directory. Defensive second check catches the (rare) case where mktemp succeeds but returns something that isn't a directory we can cp into.
2026-06-17 07:10:12 +02:00 · 2026-04-24 00:05:30 +05:30
parent 8abf726f04
commit b7d690bb34
1 changed files with 5 additions and 1 deletions
@@ -179,7 +179,11 @@ echo "  Creating DMG..."
 rm -f "$DMG_PATH"

 # Create a temporary directory for DMG contents
-DMG_TMP=$(mktemp -d)
+DMG_TMP=$(mktemp -d) || { echo "ERROR: mktemp -d failed — refusing to continue so we don't cp into the filesystem root." >&2; exit 1; }
+if [ -z "$DMG_TMP" ] || [ ! -d "$DMG_TMP" ]; then
+  echo "ERROR: mktemp -d returned an invalid path ('$DMG_TMP')." >&2
+  exit 1
+fi
 cp -a "$APP_DIR" "$DMG_TMP/"
 ln -s /Applications "$DMG_TMP/Applications"