Skip to content
This repository has been archived by the owner on Jan 10, 2023. It is now read-only.

Commit

Permalink
Merge pull request #164 from codecov/sanitize-gcov-options
Browse files Browse the repository at this point in the history 
[CE-1263] Sanitize gcov-args
  • Loading branch information
@drazisil
drazisil authored Jan 16, 2020
2 parents 9bde072 + 2f4eff9 commit f429409
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 3 deletions.
5 changes: 3 additions & 2 deletions lib/codecov.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ var urlgrey = require('urlgrey')
var jsYaml = require('js-yaml')
var walk = require('ignore-walk')
var execSync = require('child_process').execSync
var validator = require('validator')

var detectProvider = require('./detect')

Expand Down Expand Up @@ -397,9 +398,9 @@ var upload = function(args, on_success, on_failure) {
" -type f -name '*.gcno' " +
gcg +
' -exec ' +
(args.options['gcov-exec'] || 'gcov') +
(validator.escape(args.options['gcov-exec']) || 'gcov') +
' ' +
(args.options['gcov-args'] || '') +
(validator.escape(args.options['gcov-args']) || '') +
' {} +'
} else {
// @TODO support for root
Expand Down
5 changes: 5 additions & 0 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,8 @@
"ignore-walk": "^3.0.1",
"js-yaml": "^3.13.1",
"teeny-request": "^3.11.3",
"urlgrey": "^0.4.4"
"urlgrey": "^0.4.4",
"validator": "^12.1.0"
},
"devDependencies": {
"eslint": "^5.16.0",
Expand Down

0 comments on commit f429409

Please sign in to comment.