7x31
/
shellcheck
mirror of https://github.com/koalaman/shellcheck.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Warn when using read without -r

This commit is contained in:
Vidar Holen 2015-07-18 12:30:08 -07:00
parent d406ba9950
commit b1843c520f
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ShellCheck/Analytics.hs
View File

@ -206,6 +206,7 @@ nodeChecks = [
,checkReturn ,checkReturn
,checkMaskedReturns ,checkMaskedReturns
,checkInjectableFindSh ,checkInjectableFindSh
,checkReadWithoutR
] ]
@ -3453,6 +3454,13 @@ checkInjectableFindSh _ = checkCommand "find" (const check)
when ("{}" `isInfixOf` arg) $ when ("{}" `isInfixOf` arg) $
warn id 2156 "Injecting filenames is fragile and insecure. Use parameters." warn id 2156 "Injecting filenames is fragile and insecure. Use parameters."
prop_checkReadWithoutR1 = verify checkReadWithoutR "read -a foo"
prop_checkReadWithoutR2 = verifyNot checkReadWithoutR "read -ar foo"
checkReadWithoutR _ t@(T_SimpleCommand {}) | t `isUnqualifiedCommand` "read" =
unless ("r" `elem` map snd (getAllFlags t)) $
info (getId t) 2162 "read without -r will mangle backslashes."
checkReadWithoutR _ _ = return ()
return [] return []
runTests = $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |]) runTests = $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])