Mercurial > hg > octave-lyh > gnulib-hg
changeset 10887:8985a457ead7
Fix security problem in test-parse-duration.sh.
author | Bruno Haible <bruno@clisp.org> |
---|---|
date | Tue, 16 Dec 2008 12:32:25 +0100 |
parents | 728584283d12 |
children | b70e55c6a2df |
files | ChangeLog tests/test-parse-duration.sh |
diffstat | 2 files changed, 10 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2008-12-16 Bruno Haible <bruno@clisp.org> + + * tests/test-parse-duration.sh: Fix quoting of $tmp and $tmpf + expressions. + 2008-12-15 Bruno Haible <bruno@clisp.org> * doc/glibc-functions/fgetxattr.texi: Tweak wording.
--- a/tests/test-parse-duration.sh +++ b/tests/test-parse-duration.sh @@ -46,10 +46,10 @@ } func_tmpdir -trap "rm -rf ${tmp}" EXIT -tmpf=${tmp}/tests.txt +trap 'rm -rf "${tmp}"' EXIT +tmpf="${tmp}/tests.txt" -cat > ${tmpf} <<- _EOF_ +cat > "${tmpf}" <<- _EOF_ 1 Y 2 M 3 W 4 d 5 h 6 m 7 s P 00010225 T 05:06:07 P 1Y2M3W4D T 5H6M7S @@ -59,9 +59,9 @@ P 1-2-25 T 5:6:7 _EOF_ -ls -l $tmpf +ls -l "${tmpf}" -exec 3< ${tmpf} +exec 3< "${tmpf}" while read -u3 line do v=`${exe} "${line}"` || die "Failed: ${exe} '${line}'"