From 4efc1f22d428ebfdc1c0ef5b4c6375cf3287526b Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@kitenet.net>
Date: Fri, 8 Oct 2010 18:58:47 -0400
Subject: [PATCH] taint handling for rev

---
 IkiWiki/Plugin/git.pm | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/IkiWiki/Plugin/git.pm b/IkiWiki/Plugin/git.pm
index 47e806209..e89813253 100644
--- a/IkiWiki/Plugin/git.pm
+++ b/IkiWiki/Plugin/git.pm
@@ -836,20 +836,22 @@ sub rcs_receive () {
 
 sub rcs_preprevert ($) {
 	my $rev=shift;
+	my ($sha1) = $rev =~ /^($sha1_pattern)$/; # untaint
 
-	return git_parse_changes(git_commit_info($rev, 1));
+	return git_parse_changes(git_commit_info($sha1, 1));
 }
 
 sub rcs_revert ($) {
 	# Try to revert the given rev; returns undef on _success_.
 	my $rev = shift;
+	my ($sha1) = $rev =~ /^($sha1_pattern)$/; # untaint
 
-	if (run_or_non('git', 'revert', '--no-commit', $rev)) {
+	if (run_or_non('git', 'revert', '--no-commit', $sha1)) {
 		return undef;
 	}
 	else {
 		run_or_die('git', 'reset', '--hard');
-		return sprintf(gettext("Failed to revert commit %s"), $rev);
+		return sprintf(gettext("Failed to revert commit %s"), $sha1);
 	}
 }
 
-- 
2.32.0.93.g670b81a890