Guard against malicious git branch names
authorJoerg Jaspert <joerg@debian.org>
Sun, 19 Mar 2017 20:58:37 +0000 (21:58 +0100)
committerJoerg Jaspert <joerg@debian.org>
Sun, 19 Mar 2017 20:58:37 +0000 (21:58 +0100)
.zsh/functions/prompt_ganneff_setup

index e122747..2fe9456 100644 (file)
@@ -608,6 +608,7 @@ ganneff_prompt_addto () {
                 ;;
             vcs)
                 v="vcs_info_msg_${new}_"
+                v=${v//[^a-z0-9\/]/-}
                 if (( ${+parameters[$v]} )) && [[ -n "${(P)v}" ]]; then
                     typeset -g "${target}=${(P)target}${(P)v}"
                 fi