Author field is formatted with csprintf, which would be appropriate
if the resulting string was concatenated into a shell command as a
string -- but because the flags are passed as a vector of strings
and not parsed by the shell, this results in extraneous shell
quoting making it into to author field. In particular this
renders my name as D'\''Anna instead of D'Anna
Details
Details
- Reviewers
speck - Group Reviewers
O1: Blessed Committers - Commits
- rARC4230292997ce: Fix incorrect quoting of author in 'arc patch'
Performed 'arc patch' with and without these changes, confirmed
that my apostrophe was no longer mangled by shell quotes in the
resulting commit.
Diff Detail
Diff Detail
- Repository
- rARC Arcanist
- Branch
- quote
- Lint
Lint Passed - Unit
Tests Passed - Build Status
Buildable 54 Build 54: arc lint + arc unit
Event Timeline
Comment Actions
I feel like this is a good change. I do not see any security vulnerabilities that could be introduced by this..
I will let everyone else chime in as shell escaping code is an attack vector