[coreboot-gerrit] Change in coreboot[master]: util/lint/checkpatch: Reset the path if running in taint mode
Martin Roth (Code Review)
gerrit at coreboot.org
Wed Aug 30 21:54:15 CEST 2017
Martin Roth has uploaded this change for review. ( https://review.coreboot.org/21293
Change subject: util/lint/checkpatch: Reset the path if running in taint mode
......................................................................
util/lint/checkpatch: Reset the path if running in taint mode
Jenkins is giving warnings due to getting the path from the environment:
Insecure $ENV{PATH} while running setgid at util/lint/checkpatch.pl line
907, <$conststructs> line 39.
This should fix those warnings.
Change-Id: I6a09915d13547bf9a86c011d44cbcd39c46f3fec
Signed-off-by: Martin Roth <martinroth at google.com>
---
M util/lint/checkpatch.pl
1 file changed, 7 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/93/21293/1
diff --git a/util/lint/checkpatch.pl b/util/lint/checkpatch.pl
index 75f6f98..b9dc5f6 100755
--- a/util/lint/checkpatch.pl
+++ b/util/lint/checkpatch.pl
@@ -59,6 +59,13 @@
my $color = 1;
my $allow_c99_comments = 1;
+# For coreboot jenkins
+# If taint mode is enabled, Untaint the path - files must be in /bin, /usr/bin or /usr/local/bin
+if ( ${^TAINT} ) {
+ $ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
+ delete @ENV{ 'IFS', 'CDPATH', 'ENV', 'BASH_ENV' };
+}
+
sub help {
my ($exitcode) = @_;
--
To view, visit https://review.coreboot.org/21293
To unsubscribe, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I6a09915d13547bf9a86c011d44cbcd39c46f3fec
Gerrit-Change-Number: 21293
Gerrit-PatchSet: 1
Gerrit-Owner: Martin Roth <martinroth at google.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.coreboot.org/pipermail/coreboot-gerrit/attachments/20170830/04390524/attachment.html>
More information about the coreboot-gerrit
mailing list