Fix shell command injection issues
1 From b6221e9efcea1db88daa7d4f78931c1cab5a5e46 Mon Sep 17 00:00:00 2001
2 From: Jeff King <peff@peff.net>
3 Date: Mon, 11 Sep 2017 10:24:11 -0400
4 Subject: archimport: use safe_pipe_capture for user input
6 Refnames can contain shell metacharacters which need to be
7 passed verbatim to sub-processes. Using safe_pipe_capture
8 skips the shell entirely.
10 Signed-off-by: Jeff King <peff@peff.net>
11 Signed-off-by: Junio C Hamano <gitster@pobox.com>
12 ---
13 git-archimport.perl | 4 ++--
14 1 file changed, 2 insertions(+), 2 deletions(-)
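diff --git a/git-archimport.perl b/git-archimport.perl
index 9cb123a07d..b7c173c345 100755
--- a/git-archimport.perl
+++ b/git-archimport.perl
@@ -983,7 +983,7 @@ sub find_parents {
 # check that we actually know about the branch
 next unless -e "$git_dir/refs/heads/$branch";
- my $mergebase = `git-merge-base $branch $ps->{branch}`;
+ my $mergebase = safe_pipe_capture(qw(git-merge-base), $branch, $ps->{branch});
 if ($?) {
 # Don't die here, Arch supports one-way cherry-picking
 # between branches with no common base (or any relationship
@@ -1074,7 +1074,7 @@ sub find_parents {
 sub git_rev_parse {
 my $name = shift;
- my $val = `git-rev-parse $name`;
+ my $val = safe_pipe_capture(qw(git-rev-parse), $name);
 die "Error: git-rev-parse $name" if $?;
 chomp $val;
 return $val;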
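Review bot: Passing `$branch`, `$ps->{branch}` and `$name` as list arguments keeps them away from the shell, but a value that begins with `-` would still be parsed as an option by `git-merge-base` or `git-rev-parse`, and nothing in either hunk rules that out. A guard before each call, e.g. `die "Error: invalid ref name $name" if $name =~ /^-/;` in git_rev_parse and `next if $branch =~ /^-/;` in find_parents, would close that gap without depending on the git version. Separately, safe_pipe_capture is defined outside these hunks: if it dies on a non-zero exit status, the `if ($?)` branch under the "Don't die here" comment can no longer be reached, so it is worth confirming how it reports failure. Both find_parents and git_rev_parse continue outside the visible hunks.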
38 --
39 2.14.1.821.g8fa685d3b7