cvsimport: shell-quote variable used in backticks

peff · gitster · commit 5b4efea66695 · 2017-09-12T11:10:22.000+09:00
We run `git rev-parse` though the shell, and quote its
argument only with single-quotes. This prevents most
metacharacters from being a problem, but misses the obvious
case when $name itself has single-quotes in it. We can fix
this by applying the usual shell-quoting formula.

Signed-off-by: Jeff King &lt;peff@peff.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
diff --git a/git-cvsimport.perl b/git-cvsimport.perl
@@ -642,6 +642,7 @@ sub is_sha1 {
 
 sub get_headref ($) {
 	my $name = shift;
+	$name =~ s/'/'\\''/;
 	my $r = `git rev-parse --verify '$name' 2>/dev/null`;
 	return undef unless $? == 0;
 	chomp $r;
