This is an automated email from the git hooks/post-receive script. jamessan pushed a commit to branch master in repository devscripts.
commit 4219a8eaa97588e26a7a9b61a57029e616cfc09a Author: James McCoy <[email protected]> Date: Fri Dec 13 22:23:07 2013 -0500 uscan: Have find invoke rm directly instead of piping to xargs Using "find … -exec" avoids problems with shell interpretation of arguments to the rm command, which could be abused to delete arbitrary files. Closes: #732006, CVE-2013-7085 Signed-off-by: James McCoy <[email protected]>
---
scripts/uscan.pl | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/scripts/uscan.pl b/scripts/uscan.pl
index 0ffe9f2..c88c5b8 100755
--- a/scripts/uscan.pl
+++ b/scripts/uscan.pl
@@ -1525,13 +1525,13 @@ EOF
 my $nfiles_before = `find $main_source_dir | wc -l`;
 foreach (grep {/\//} split /\s+/, $data->{"files-excluded"}) {
 # delete trailing '/' because otherwise find -path will fail
- s?/+$?? ;
+ s?/+$??;
 # use rm -rf to enable deleting non-empty directories
- `find $main_source_dir -path "$main_source_dir/$_" | xargs rm -rf`;
- };
+ system('find', $main_source_dir, '-path', "$main_source_dir/$_", '-exec', 'rm', '-rf', '{}', '+');
+ }
 foreach (grep {/^[^\/]+$/} split /\s+/, $data->{"files-excluded"}) {
- `find $main_source_dir -type f -name $_ -delete`;
- };
+ system('find', $main_source_dir, '-type', 'f', '-name', $_, '-delete');
+ }
 my $nfiles_after = `find $main_source_dir | wc -l`;
 if ( $nfiles_before == $nfiles_after ) {
 print "-- Source tree remains identical - no need for repacking.\n" if $verbose;
-- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/devscripts.git _______________________________________________ devscripts-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/devscripts-devel
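Review bot: The two unchanged context lines that count files, `find $main_source_dir | wc -l` for `$nfiles_before` and `$nfiles_after`, still go through a shell with `$main_source_dir` interpolated, so the shell-interpretation problem this commit closes for `files-excluded` would remain if that directory name can contain spaces or metacharacters. Where the name is derived is outside the hunk, so this needs confirming against the caller. A shell-free count would be `open(my $fh, '-|', 'find', $main_source_dir) or die "find: $!"; my $nfiles_before = () = <$fh>;`. The new `system(...)` calls also discard their return value, so a failed `find` or `rm` can leave the two counts equal and the code then reports "Source tree remains identical" with the excluded files still present; comparing `system(...) == 0` and reporting `$?` would surface that. The enclosing block starts and ends outside the hunk.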
