diff options
| author | Joey Hess <joey@kitenet.net> | 2010-10-08 18:58:47 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2010-10-08 18:58:47 -0400 |
| commit | 4efc1f22d428ebfdc1c0ef5b4c6375cf3287526b (patch) | |
| tree | c9c5bda2de941acd85f9250d369e2d9ae28aeade | |
| parent | c430792148b2193585dfed6cc2a5f778f7167de1 (diff) | |
| download | ikiwiki-4efc1f22d428ebfdc1c0ef5b4c6375cf3287526b.tar ikiwiki-4efc1f22d428ebfdc1c0ef5b4c6375cf3287526b.tar.gz | |
taint handling for rev
| -rw-r--r-- | IkiWiki/Plugin/git.pm | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/IkiWiki/Plugin/git.pm b/IkiWiki/Plugin/git.pm index 47e806209..e89813253 100644 --- a/IkiWiki/Plugin/git.pm +++ b/IkiWiki/Plugin/git.pm @@ -836,20 +836,22 @@ sub rcs_receive () { sub rcs_preprevert ($) { my $rev=shift; + my ($sha1) = $rev =~ /^($sha1_pattern)$/; # untaint - return git_parse_changes(git_commit_info($rev, 1)); + return git_parse_changes(git_commit_info($sha1, 1)); } sub rcs_revert ($) { # Try to revert the given rev; returns undef on _success_. my $rev = shift; + my ($sha1) = $rev =~ /^($sha1_pattern)$/; # untaint - if (run_or_non('git', 'revert', '--no-commit', $rev)) { + if (run_or_non('git', 'revert', '--no-commit', $sha1)) { return undef; } else { run_or_die('git', 'reset', '--hard'); - return sprintf(gettext("Failed to revert commit %s"), $rev); + return sprintf(gettext("Failed to revert commit %s"), $sha1); } } |