You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@whimsical.apache.org by se...@apache.org on 2020/07/06 22:58:57 UTC

[whimsy] branch master updated: Need some more untainting

This is an automated email from the ASF dual-hosted git repository.

sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git


The following commit(s) were added to refs/heads/master by this push:
     new 7253b29  Need some more untainting
7253b29 is described below

commit 7253b2969c82a22ea05e7317fcb06c02a7ef0982
Author: Sebb <se...@apache.org>
AuthorDate: Mon Jul 6 23:58:48 2020 +0100

    Need some more untainting
---
 lib/whimsy/asf/svn.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/whimsy/asf/svn.rb b/lib/whimsy/asf/svn.rb
index a1d6625..6c78056 100644
--- a/lib/whimsy/asf/svn.rb
+++ b/lib/whimsy/asf/svn.rb
@@ -677,7 +677,7 @@ module ASF
 
         syscmd = ['svnmucc',
                   '--non-interactive',
-                  '--extra-args', cmdfile.path,
+                  '--extra-args', cmdfile.path.untaint,
                   '--message', msg,
                   '--no-auth-cache',
                   ]
@@ -885,8 +885,8 @@ module ASF
     private
     
     def self.listingNames(name)
-      return File.join(ASF::Config.root,'svn',"%s.txt" % name),
-             File.join(ASF::Config.root,'svn',"%s.tmp" % name)
+      return File.join(ASF::Config.root,'svn',"%s.txt" % name).untaint,
+             File.join(ASF::Config.root,'svn',"%s.tmp" % name).untaint
     end
 
     # Get all the SVN entries