diff options
| author | Jeff King <peff@peff.net> | 2017-09-11 10:24:26 -0400 | 
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2017-09-12 11:10:22 +0900 | 
| commit | 5b4efea666951efe0770f8d5a301f8917015315f (patch) | |
| tree | 81716c784144cb20544ef275e25cd51444493d67 | |
| parent | 4d4165b80d6b91a255e2847583bd4df98b5d54e1 (diff) | |
| download | git-5b4efea666951efe0770f8d5a301f8917015315f.tar.gz | |
cvsimport: shell-quote variable used in backticks
We run `git rev-parse` though the shell, and quote its
argument only with single-quotes. This prevents most
metacharacters from being a problem, but misses the obvious
case when $name itself has single-quotes in it. We can fix
this by applying the usual shell-quoting formula.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| -rwxr-xr-x | git-cvsimport.perl | 1 | 
1 files changed, 1 insertions, 0 deletions
| diff --git a/git-cvsimport.perl b/git-cvsimport.perl index 1e4e65a45d..36929921ea 100755 --- a/git-cvsimport.perl +++ b/git-cvsimport.perl @@ -642,6 +642,7 @@ sub is_sha1 {  sub get_headref ($) {  	my $name = shift; +	$name =~ s/'/'\\''/;  	my $r = `git rev-parse --verify '$name' 2>/dev/null`;  	return undef unless $? == 0;  	chomp $r; | 
