From: Ian Jackson Date: Sun, 16 Aug 2015 14:15:44 +0000 (+0100) Subject: Properly quote package name when constructing regexp in complete_file_from_dsc. ... X-Git-Tag: debian/1.3~6 X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=dgit.git;a=commitdiff_plain;h=5cde19017f6b64ab1e440633d59e36a231b57a3f Properly quote package name when constructing regexp in complete_file_from_dsc. Closes:#795736. Also, grep the code for likely similar problems elsewhere and improve a (harmless) instance in dgit-repos-server. --- diff --git a/debian/changelog b/debian/changelog index 1c5fbc4d..f448cf03 100644 --- a/debian/changelog +++ b/debian/changelog @@ -4,6 +4,10 @@ dgit (1.3) unstable; urgency=low * If a .orig in .. is a symlink, hardlink the link target into our private unpack directory, rather than the link itself (since latter won't work if the symlink is relative). + * Properly quote package name when constructing regexp in + complete_file_from_dsc. Closes:#795736. Also, grep the code for + likely similar problems elsewhere and improve a (harmless) instance in + dgit-repos-server. -- diff --git a/dgit b/dgit index 2d42f940..60b39e4a 100755 --- a/dgit +++ b/dgit @@ -1481,7 +1481,7 @@ sub complete_file_from_dsc ($$) { my $furl = $dscurl; $furl =~ s{/[^/]+$}{}; $furl .= "/$f"; - die "$f ?" unless $f =~ m/^${package}_/; + die "$f ?" unless $f =~ m/^\Q${package}\E_/; die "$f ?" if $f =~ m#/#; runcmd_ordryrun_local @curl,qw(-o),$tf,'--',"$furl"; next if !act_local(); diff --git a/infra/dgit-repos-server b/infra/dgit-repos-server index 9705a642..cfa0f314 100755 --- a/infra/dgit-repos-server +++ b/infra/dgit-repos-server @@ -624,7 +624,7 @@ sub dm_txt_check ($$) { printdebug " dm_txt_check $keyid $dmtxtfn\n"; open DT, '<', $dmtxtfn or die "$dmtxtfn $!"; while (
) { - m/^fingerprint:\s+$keyid$/oi + m/^fingerprint:\s+\Q$keyid\E$/oi ..0 or next; if (s/^allow:/ /i..0) { } else {