mirror of
https://github.com/curl/curl.git
synced 2026-05-30 05:47:28 +03:00
checksrc: fix possible endless loops/errors in the banned function logic
By quoting the search expression to be replaced. This avoid the issue
when the code leading up to a banned function contained regex characters
that the script did not explicitly handle, e.g. `+`.
Assisted-by: Daniel Stenberg
Ref: https://perldoc.perl.org/functions/quotemeta
Follow-up to dd37d6970c #18775
Closes #18845
This commit is contained in:
Viktor Szakats
parent
455d41d460
commit
c7fb5858a5
1 changed files with 3 additions and 8 deletions
|
|
@ -907,14 +907,9 @@ sub scanfile {
|
|||
checkwarn("BANNEDFUNC",
|
||||
$line, length($prefix), $file, $ol,
|
||||
"use of $bad is banned");
|
||||
my $replace = 'x' x (length($bad) + 1);
|
||||
$prefix =~ s/\*/\\*/;
|
||||
$prefix =~ s/\[/\\[/;
|
||||
$prefix =~ s/\]/\\]/;
|
||||
$prefix =~ s/\(/\\(/;
|
||||
$prefix =~ s/\)/\\)/;
|
||||
$suff =~ s/\(/\\(/;
|
||||
$l =~ s/$prefix$bad$suff/$prefix$replace/;
|
||||
my $search = quotemeta($prefix . $bad . $suff);
|
||||
my $replace = $prefix . 'x' x (length($bad) + 1);
|
||||
$l =~ s/$search/$replace/;
|
||||
goto again;
|
||||
}
|
||||
$l = $bl; # restore to pre-bannedfunc content
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue