[coreboot-gerrit] Change in coreboot[master]: util/lint/checkpatch.pl: Untaint filename
Martin Roth (Code Review)
gerrit at coreboot.org
Sun Jan 28 01:31:53 CET 2018
Martin Roth has uploaded this change for review. ( https://review.coreboot.org/23473
Change subject: util/lint/checkpatch.pl: Untaint filename
......................................................................
util/lint/checkpatch.pl: Untaint filename
This fixes the warning that is seen on the jenkins server:
Insecure dependency in piped open while running setgid at
util/lint/checkpatch.pl line 958.
Change-Id: I476efa76ef6a275584a47ec0ecf2315948d53e9d
Signed-off-by: Martin Roth <martinroth at google.com>
---
M util/lint/checkpatch.pl
1 file changed, 4 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/73/23473/1
diff --git a/util/lint/checkpatch.pl b/util/lint/checkpatch.pl
index e9a0cc4..c35a0d6 100755
--- a/util/lint/checkpatch.pl
+++ b/util/lint/checkpatch.pl
@@ -951,6 +951,10 @@
my $vname;
for my $filename (@ARGV) {
my $FILE;
+
+ # coreboot: Mark filename as untainted
+ $filename =~ /^(.*)$/s or die; $filename = $1;
+
if ($git) {
open($FILE, '-|', "git format-patch -M --stdout -1 $filename") ||
die "$P: $filename: git format-patch failed - $!\n";
--
To view, visit https://review.coreboot.org/23473
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I476efa76ef6a275584a47ec0ecf2315948d53e9d
Gerrit-Change-Number: 23473
Gerrit-PatchSet: 1
Gerrit-Owner: Martin Roth <martinroth at google.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.coreboot.org/pipermail/coreboot-gerrit/attachments/20180128/1d0873b2/attachment.html>
More information about the coreboot-gerrit
mailing list