Page MenuHomePhorge

Fix incorrect quoting of author in 'arc patch'

Authored by ldanna on Oct 17 2021, 20:02.
Referenced Files
Unknown Object (File)
Thu, Jun 1, 07:42
Unknown Object (File)
Wed, May 31, 18:05
Unknown Object (File)
Thu, May 18, 20:55
Unknown Object (File)
Thu, May 18, 20:55
Unknown Object (File)
Thu, May 18, 20:55
Unknown Object (File)
Sun, May 7, 10:25
Unknown Object (File)
May 2 2023, 07:58
Unknown Object (File)
Apr 30 2023, 18:13



Author field is formatted with csprintf, which would be appropriate
if the resulting string was concatenated into a shell command as a
string -- but because the flags are passed as a vector of strings
and not parsed by the shell, this results in extraneous shell
quoting making it into to author field. In particular this
renders my name as D'\''Anna instead of D'Anna

Test Plan

Performed 'arc patch' with and without these changes, confirmed
that my apostrophe was no longer mangled by shell quotes in the
resulting commit.

Diff Detail

rARC Arcanist
Lint Not Applicable
Tests Not Applicable

Event Timeline

ldanna requested review of this revision.Oct 17 2021, 20:02

I feel like this is a good change. I do not see any security vulnerabilities that could be introduced by this..

I will let everyone else chime in as shell escaping code is an attack vector

This revision is now accepted and ready to land.Oct 22 2021, 15:48

Thank you for submitting this change!

@speck thanks, how do I land the change?

This revision was automatically updated to reflect the committed changes.