authorXu Cheng2015-03-09 15:03:19 +0800
committerXu Cheng2015-03-10 00:57:21 +0800
commit936eba2a28b5914554da356fa7cd746a50b7fffa (patch)
tree35de6dcbd08504d2dccc7f1822eb195dc2fe5885
parentc809b354df36c3d2a92c0a4945803aeb203c8369 (diff)
downloadhomebrew-936eba2a28b5914554da356fa7cd746a50b7fffa.tar.bz2
audit: whitelist pipe, redirect etc in the system check
Closes #37523. Signed-off-by: Xu Cheng <xucheng@me.com>
-rw-r--r--Library/Homebrew/cmd/audit.rb6
1 files changed, 4 insertions, 2 deletions
diff --git a/Library/Homebrew/cmd/audit.rb b/Library/Homebrew/cmd/audit.rb
index dd41d9284..9eac644ad 100644
--- a/Library/Homebrew/cmd/audit.rb
+++ b/Library/Homebrew/cmd/audit.rb
@@ -714,8 +714,10 @@ class FormulaAuditor
if @strict
if line =~ /system (["'][^"' ]*(?:\s[^"' ]*)+["'])/
bad_system = $1
- good_system = bad_system.gsub(" ", "\", \"")
- problem "Use `system #{good_system}` instead of `system #{bad_system}` "
+ unless %w[| < > & ;].any? { |c| bad_system.include? c }
+ good_system = bad_system.gsub(" ", "\", \"")
+ problem "Use `system #{good_system}` instead of `system #{bad_system}` "
+ end
end
if line =~ /(require ["']formula["'])/
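Review bot: The metacharacter list on the new `unless` line covers pipes, redirects, `&` and `;`, but a single-string `system` call also depends on the shell for globs (`*`, `?`), `$VAR` expansion, `~` and backtick substitution. A constructed example such as `system "rm -f *.orig"` would still be told to switch to the multi-argument form, which bypasses the shell and silently stops the expansion. Consider widening the test, e.g. `unless bad_system =~ /[|<>&;*?$~]/` with the backtick added, and putting a comment above it such as `# these strings need a shell; splitting them into arguments would change behaviour`. Strings containing one of these characters are now skipped without any message, including ones that carry `#{...}` interpolation, which is where the shell form deserves the most scrutiny, so a separate softer warning for that case may be worth adding. The enclosing `if @strict` block and its method continue outside the hunk.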