Bug#810145: EXTREMELY PROOF OF CONCEPT OMG

[Thorsten Glaser]

Jo Shields dixit:

>This works, IME - no more multi-gig Jenkins logs spamming "cannot

Umm…

BUILDPLACE=-q

BUILDPLACE=.foo

Passing a user-controlled argument to grep without escaping
it beforehand (and choosing a grep dialect, especially as
GNU grep does not default to BRE) or switching grep to fixed
strings is bad.

Something like this, maybe?

… | grep -F -e "$BUILDPLACE" | …

People seem to assume that writing ${foo} instead of $foo
escapes more, when it makes no difference in fact.

bye,
//mirabilos
-- 
Yay for having to rewrite other people's Bash scripts because bash
suddenly stopped supporting the bash extensions they make use of
	-- Tonnerre Lombard in #nosec