From d4a9e0daa4242a9d58e62e7e8e5b47bc909f655a Mon Sep 17 00:00:00 2001 From: William Chargin Date: Sun, 2 Sep 2018 23:22:53 -0700 Subject: [PATCH] Add ":" as a shell-safe character (#753) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Test Plan: Running `./test_build_static_site.t --long -v` no longer detects the feedback URL as unsafe. (Prior to this commit, it emitted a message to this effect.) The build is still broken on Linux for other reasons, but works on macOS or any other system where `sh` resolves to Bash. As a regression test, the “potentially unsafe argument” warning has been made to actually fail the test case. To verify this, remove `:` from the list of `unusual_chars`, run the test, and note that it fails outright. wchargin-branch: shell-safe-colon --- sharness/test_build_static_site.t | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/sharness/test_build_static_site.t b/sharness/test_build_static_site.t index 1c5c19a..44334fe 100755 --- a/sharness/test_build_static_site.t +++ b/sharness/test_build_static_site.t @@ -134,16 +134,21 @@ run_build() { output_dir="build_output/output_${prereq_name}" api_dir="${output_dir}/api/v1/data" data_dir="${api_dir}/data" + unsafe_arg= for arg in "${output_dir}" "$@"; do - unusual_chars="$(printf '%s' "$arg" | sed -e 's#[A-Za-z0-9/_.-]##g')" + unusual_chars="$(printf '%s' "$arg" | sed -e 's#[A-Za-z0-9:/_.-]##g')" if [ -n "${unusual_chars}" ]; then - printf 'fatal: potentially unsafe argument: %s\n' "${arg}" - return + unsafe_arg="${arg}" + break fi done - flags="--target $output_dir $*" # checked for sanity above + flags="--target $output_dir $*" # only used if ! [ -n "${unsafe_arg}" ] test_expect_success EXPENSIVE,HAVE_GITHUB_TOKEN \ "${prereq_name}: ${description}" ' + if [ -n "${unsafe_arg}" ]; then + printf >&2 "fatal: potentially unsafe argument: %s\n" "${arg}" && + false + fi && run '"${flags}"' 2>err && test_must_fail grep -vF \ -e "Removing build directory: " \