diff options
| author | teor <teor@torproject.org> | 2019-08-29 22:53:44 +1000 |
|---|---|---|
| committer | teor <teor@torproject.org> | 2019-08-29 22:53:44 +1000 |
| commit | d0e31b4d1f10279280ce7cc9ece71d17a79ed6b7 (patch) | |
| tree | 302fe2543356be19ee291b7ca54d45513bd1e87c /scripts | |
| parent | 664e6a392ed0ace86e0182dc25bf365e8e34ed9d (diff) | |
| download | tor-d0e31b4d1f10279280ce7cc9ece71d17a79ed6b7.tar.gz tor-d0e31b4d1f10279280ce7cc9ece71d17a79ed6b7.zip | |
scripts/git: Quote shell arguments where possible
Most shell arguments should be quoted to avoid mistakes.
But since all branch names are hard-coded, or supplied by the script user,
we don't need to be too concerned about command injection.
Quoting all shell arguments would take a major refactor.
(Probably using arrays.)
Part of 31314.
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/git/git-merge-forward.sh | 10 | ||||
| -rwxr-xr-x | scripts/git/git-push-all.sh | 2 |
2 files changed, 6 insertions, 6 deletions
diff --git a/scripts/git/git-merge-forward.sh b/scripts/git/git-merge-forward.sh index b9591eaa7e..720320c9fe 100755 --- a/scripts/git/git-merge-forward.sh +++ b/scripts/git/git-merge-forward.sh @@ -227,7 +227,7 @@ function validate_ret # Switch to the given branch name. function switch_branch { - local cmd="git checkout $1" + local cmd="git checkout '$1'" printf " %s Switching branch to %s..." "$MARKER" "$1" if [ $DRY_RUN -eq 0 ]; then msg=$( eval "$cmd" 2>&1 ) @@ -240,7 +240,7 @@ function switch_branch # Checkout a new branch with the given branch name. function new_branch { - local cmd="git checkout -b $1" + local cmd="git checkout -b '$1'" printf " %s Creating new branch %s..." "$MARKER" "$1" if [ $DRY_RUN -eq 0 ]; then msg=$( eval "$cmd" 2>&1 ) @@ -254,7 +254,7 @@ function new_branch # branch name. function switch_or_new_branch { - local cmd="git rev-parse --verify $1" + local cmd="git rev-parse --verify '$1'" if [ $DRY_RUN -eq 0 ]; then # Call switch_branch if there is a branch, or new_branch if there is not msg=$( eval "$cmd" 2>&1 ) @@ -292,7 +292,7 @@ function pull_branch # Merge the given branch name ($1) into the current branch ($2). function merge_branch { - local cmd="git merge --no-edit $1" + local cmd="git merge --no-edit '$1'" printf " %s Merging branch %s into %s..." "$MARKER" "$1" "$2" if [ $DRY_RUN -eq 0 ]; then msg=$( eval "$cmd" 2>&1 ) @@ -305,7 +305,7 @@ function merge_branch # Pull the given branch name. function merge_branch_origin { - local cmd="git merge --ff-only origin/$1" + local cmd="git merge --ff-only 'origin/$1'" printf " %s Merging branch origin/%s..." "$MARKER" "$1" if [ $DRY_RUN -eq 0 ]; then msg=$( eval "$cmd" 2>&1 ) diff --git a/scripts/git/git-push-all.sh b/scripts/git/git-push-all.sh index 0b3cfcd88e..37a73ec95f 100755 --- a/scripts/git/git-push-all.sh +++ b/scripts/git/git-push-all.sh @@ -171,7 +171,7 @@ fi if [ "$PUSH_SAME" -eq 0 -a "$TEST_BRANCH_PREFIX" ]; then NEW_PUSH_BRANCHES= for b in $PUSH_BRANCHES; do - PUSH_COMMIT=`git rev-parse $b` + PUSH_COMMIT=`git rev-parse "$b"` SKIP_UPSTREAM= for u in $DEFAULT_UPSTREAM_BRANCHES $UPSTREAM_BRANCHES; do UPSTREAM_COMMIT=`git rev-parse "$u"` |