]> git.openstreetmap.org Git - rails.git/commitdiff
projects / rails.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from: 35db867)
Use Open3.capture2 instead of backticks, to avoid command line injection risks
authorAndy Allan <git@gravitystorm.co.uk>
Wed, 22 Apr 2020 11:22:30 +0000 (13:22 +0200)
committerAndy Allan <git@gravitystorm.co.uk>
Wed, 22 Apr 2020 11:57:32 +0000 (13:57 +0200)
In this situation, trace_name can be trivially checked as legitimate, but this
removes any lingering risks from interpolating into a command line instead of
passing parameters explicitly.

Refs #2229


No differences found
The OpenStreetMap web site