• Thomas Haller's avatar
    contrib/checkpatch: avoid command injection in checkpatch.pl script · 5e66dcc6
    Thomas Haller authored
    The capture variables, $1, etc, are not valid unless the match
    succeeded, and they're not cleared, either.
    
        $ git checkout -B C origin/master && \
            echo XXXXX > f.txt && \
            git add f.txt && \
            git commit -m 'this commit does something()'
        Branch 'C' set up to track remote branch 'master' from 'origin'.
        Reset branch 'C'
        Your branch is up to date with 'origin/master'.
        sh: -c: line 0: syntax error near unexpected token `('
        sh: -c: line 0: `git log --abbrev=12 --pretty=format:"%h ('%s')" -1 does something() 2>/dev/null'
    
        >>> VALIDATE "a169a98e14 this commit does something()"
        (commit message):4: Commit 'does something()' does not seem to exist:
        > Subject: [PATCH] this commit does something()
    
        (commit message):4: Refer to the commit id properly: :
        > Subject: [PATCH] this commit does something()
    
        The patch does not validate.
    
    (cherry picked from commit d66a1ace)
    5e66dcc6
Name
Last commit
Last update
clients Loading commit data...
contrib Loading commit data...
data Loading commit data...
dispatcher Loading commit data...
docs Loading commit data...
examples Loading commit data...
introspection Loading commit data...
libnm Loading commit data...
libnm-core Loading commit data...
libnm-glib Loading commit data...
libnm-util Loading commit data...
m4 Loading commit data...
man Loading commit data...
po Loading commit data...
shared Loading commit data...
src Loading commit data...
tools Loading commit data...
vapi Loading commit data...
.dir-locals.el Loading commit data...
.gitignore Loading commit data...
.gitlab-ci.yml Loading commit data...
.mailmap Loading commit data...
.travis.yml Loading commit data...
AUTHORS Loading commit data...
CONTRIBUTING Loading commit data...
COPYING Loading commit data...
ChangeLog Loading commit data...
MAINTAINERS Loading commit data...
Makefile.am Loading commit data...
Makefile.examples Loading commit data...
Makefile.glib Loading commit data...
Makefile.vapigen Loading commit data...
NEWS Loading commit data...
NetworkManager.pc.in Loading commit data...
README Loading commit data...
TODO Loading commit data...
autogen.sh Loading commit data...
config-extra.h.meson Loading commit data...
config.h.meson Loading commit data...
configure.ac Loading commit data...
linker-script-binary.ver Loading commit data...
linker-script-devices.ver Loading commit data...
linker-script-settings.ver Loading commit data...
meson.build Loading commit data...
meson_options.txt Loading commit data...
valgrind.suppressions Loading commit data...
zanata.xml Loading commit data...