7x31/shellcheck
1
0
Fork 0
mirror of https://github.com/koalaman/shellcheck.git synced 2025-09-20 02:33:31 +08:00
Code Issues Packages Projects Releases Wiki Activity

Warn when using read without -r

Browse Source
This commit is contained in:
Vidar Holen
2015-07-18 12:30:08 -07:00
parent d406ba9950
commit b1843c520f
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ShellCheck/Analytics.hs
View File

@@ -206,6 +206,7 @@ nodeChecks = [
,checkReturn ,checkReturn
,checkMaskedReturns ,checkMaskedReturns
,checkInjectableFindSh ,checkInjectableFindSh
,checkReadWithoutR
] ]
@@ -3453,6 +3454,13 @@ checkInjectableFindSh _ = checkCommand "find" (const check)
when ("{}" `isInfixOf` arg) $ when ("{}" `isInfixOf` arg) $
warn id 2156 "Injecting filenames is fragile and insecure. Use parameters." warn id 2156 "Injecting filenames is fragile and insecure. Use parameters."
prop_checkReadWithoutR1 = verify checkReadWithoutR "read -a foo"
prop_checkReadWithoutR2 = verifyNot checkReadWithoutR "read -ar foo"
checkReadWithoutR _ t@(T_SimpleCommand {}) | t `isUnqualifiedCommand` "read" =
unless ("r" `elem` map snd (getAllFlags t)) $
info (getId t) 2162 "read without -r will mangle backslashes."
checkReadWithoutR _ _ = return ()
return [] return []
runTests = $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |]) runTests = $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])