6
73%
master: 73%

Ran 06 Oct 2024 03:43AM UTC

Files 3

Run time 0s

Badge

Embed ▾

Committed 05 Oct 2024 09:11AM UTC coverage: 73.069%. Remained the same

Job # 11198674983.6

Build Type

push

github

Committed by

web-flow

Commit Message

grep: avoid shell code evaluation (#749)

* grep: avoid shell code evaluation

* When running grep -g or -u, the default code uses Term::Cap but this fails over to executing external tput command
* tput would be available on Linux/BSD but is not a consideration for Windows
* Feed the TERM environment variable to tput command in single quotes to prevent shell commands from being initiated though TERM
* To verify this I had to temporarily bypass the Term::Cap code on my Linux system
* No other instances of backticks, system() or exec() calls within grep

%TERM='linux;halt -p;' perl  grep -g include a.c   # with patch applied tput fails but system doesn't halt
tput: unknown terminal "linux;halt -p;"
tput: unknown terminal "linux;halt -p;"
#include <stdio.h>
#include <stdlib.h>

* execute tput without subshell

* Previous commit was half baked because invalid user input could still creep into shell
* Switch backticks over to system LIST, which does not execute tput via a shell
* Code for redirecting and restoring STDOUT was lifted out of bin/awk

Run Details

350 of 479 relevant lines covered (73.07%)

4691.97 hits per line

briandfoy / PerlPowerTools / 11198674983 / 6
73%
master: 73%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 11198674983.6

briandfoy / PerlPowerTools / 11198674983 / 6 73% master: 73%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Source Files on job 11198674983.6

briandfoy / PerlPowerTools / 11198674983 / 6
73%
master: 73%

README BADGES
x