From: Junio C Hamano <gitster@pobox.com>
To: Phillip Wood <phillip.wood123@gmail.com>
Cc: Antonin Delpeuch via GitGitGadget <gitgitgadget@gmail.com>,
git@vger.kernel.org, Antonin Delpeuch <antonin@delpeuch.eu>
Subject: Re: [PATCH v3] merge-ll: expose revision names to custom drivers
Date: Sat, 20 Jan 2024 09:37:30 -0800 [thread overview]
Message-ID: <xmqqsf2rgb39.fsf@gitster.g> (raw)
In-Reply-To: <82624802-aa7f-4856-b819-9a2990b25a69@gmail.com> (Phillip Wood's message of "Sat, 20 Jan 2024 14:13:50 +0000")
Phillip Wood <phillip.wood123@gmail.com> writes:
> Not part of this patch but I noticed that we're passing the filenames
> for '%A' etc. unquoted which is a bit scary.
May be scary but safe, as long as create_temp() gives a reasonable
temporary filename. We pass ".merge_file_XXXXXX" to xmkstemp(),
which calls into mkstemp(), which should give us a shell safe name?
It also should be a safe conversion to change strbuf_addstr() used
for these three to sq_quote_buf(), as the string with these %[OAB]
placeholders are passed to the shell that eats the quoting before
invoking the end-user supplied external merge driver, which means
the merge driver would not notice any difference.
Thanks for being careful ;-)
next prev parent reply other threads:[~2024-01-20 17:37 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-18 14:26 [PATCH] merge-ll: expose revision names to custom drivers Antonin Delpeuch via GitGitGadget
2024-01-18 15:25 ` Kristoffer Haugsbakk
2024-01-18 15:42 ` Antonin Delpeuch
2024-01-18 15:43 ` [PATCH v2] " Antonin Delpeuch via GitGitGadget
2024-01-18 20:16 ` Junio C Hamano
2024-01-18 20:56 ` Antonin Delpeuch
2024-01-18 22:09 ` [PATCH v3] " Antonin Delpeuch via GitGitGadget
2024-01-19 20:02 ` Antonin Delpeuch
2024-01-20 17:25 ` Junio C Hamano
2024-01-20 14:13 ` Phillip Wood
2024-01-20 17:37 ` Junio C Hamano [this message]
2024-01-20 18:23 ` Phillip Wood
2024-01-20 22:49 ` Junio C Hamano
2024-01-24 20:09 ` [PATCH v4] " Antonin Delpeuch via GitGitGadget
2024-01-24 21:17 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqsf2rgb39.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=antonin@delpeuch.eu \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=phillip.wood123@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.