On Sun, Mar 21, 2021 at 1:45 AM Junio C Hamano <gitster@xxxxxxxxx> wrote:
> Eric Sunshine <sunshine@xxxxxxxxxxxxxx> writes:
> > To protect against that problem, you may need to call
> > format_sanitized_subject() manually after formatting "v%s-". (I'm just
> > looking at this code for the first time, so I could be hopelessly
> > wrong. There may be a better way to fix it.)
>
> Yes, slash is of course very problematic, but what we've been doing
> to the patch filenames was to ensure that they will be free of $IFS
> whitespaces and shell glob special characters as well, and we should
> treat the "reroll count" just like the other end-user controlled
> input, i.e. the title of the patch, and sanitize it the same way.
>
> So I am pretty sure format_sanitized_subject() is the right way to
> go. The pathname sanitization would also deserve a test.

Denton's seemingly simple feature request[1] has turned out to be quite
a little project.

[1]: https://github.com/gitgitgadget/git/issues/882
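The sanitization rule the thread settles on, shown as an added example rather than git's own format_sanitized_subject(): every user-controlled component of the patch filename (subject and reroll count alike) has $IFS whitespace, shell glob specials and '/' collapsed into single '-' separators before it is spliced into the name. The glob-special table and the helper names are assumptions of this example, not git's.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Glob specials stripped from filename components (assumed set for this
 * example; git keeps its own table). */
static int is_glob_special(int c)
{
    return c == '*' || c == '?' || c == '[' || c == ']' || c == '\\';
}

/* Sanitize one user-controlled filename component: whitespace, glob
 * specials and '/' collapse into a single '-', with no leading or trailing
 * '-'. Writes at most outlen-1 bytes plus NUL; returns bytes written. */
size_t sanitize_component(const char *in, char *out, size_t outlen)
{
    size_t n = 0;
    int pending = 0;   /* a separator is owed before the next kept char */

    if (outlen == 0)
        return 0;
    for (; *in; in++) {
        unsigned char c = (unsigned char)*in;
        if (isspace(c) || is_glob_special(c) || c == '/') {
            if (n > 0)          /* collapse runs, drop leading separators */
                pending = 1;
            continue;
        }
        if (pending) {
            if (n + 2 >= outlen) /* no room for '-' plus a char: stop clean */
                break;
            out[n++] = '-';
            pending = 0;
        }
        if (n + 1 >= outlen)
            break;
        out[n++] = (char)c;
    }
    out[n] = '\0';
    return n;
}

/* Build "<seq>-v<reroll>-<subject>.patch" from already-sanitized parts,
 * so the reroll count gets exactly the treatment the subject gets. */
size_t patch_filename(int seq, const char *reroll, const char *subject,
                      char *out, size_t outlen)
{
    char r[64], s[256];
    sanitize_component(reroll, r, sizeof r);
    sanitize_component(subject, s, sizeof s);
    int len = snprintf(out, outlen, "%04d-v%s-%s.patch", seq, r, s);
    return len < 0 ? 0 : (size_t)len;
}
```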