GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

util/lint/checkpatch.pl: Untaint filename 

This fixes the warning that is seen on the jenkins server:
Insecure dependency in piped open while running setgid at
util/lint/checkpatch.pl line 958.

Change-Id: I476efa76ef6a275584a47ec0ecf2315948d53e9d
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/23473
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
This commit is contained in:
Martin Roth 2018-01-27 17:31:42 -07:00
parent 0f68b23aaf
commit a9868b2dfc
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
util/lint/checkpatch.pl
View File

@ -951,6 +951,10 @@ if ($git) {
my $vname; my $vname;
for my $filename (@ARGV) { for my $filename (@ARGV) {
my $FILE; my $FILE;
# coreboot: Mark filename as untainted
$filename =~ /^(.*)$/s or die; $filename = $1;
if ($git) { if ($git) {
open($FILE, '-|', "git format-patch -M --stdout -1 $filename") || open($FILE, '-|', "git format-patch -M --stdout -1 $filename") ||
die "$P: $filename: git format-patch failed - $!\n"; die "$P: $filename: git format-patch failed - $!\n";