util/lint/checkpatch.pl: Untaint filename

This fixes the warning that is seen on the jenkins server: Insecure dependency in piped open while running setgid at util/lint/checkpatch.pl line 958. Change-Id: I476efa76ef6a275584a47ec0ecf2315948d53e9d Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: https://review.coreboot.org/23473 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
author: Martin Roth <martinroth@google.com> 2018-01-27 17:31:42 -0700
committer: Martin Roth <martinroth@google.com> 2018-01-29 15:34:59 +0000
commit: a9868b2dfc553330a845c820c2850b03900d1def (patch)
tree: f38154748fa83700736c3f07c65fa56a4cc781f1 /util/lint
parent: 0f68b23aafc102926ccc833b228d098f5613f3e8 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/util/lint/checkpatch.pl b/util/lint/checkpatch.pl
index e9a0cc46fd..c35a0d6e89 100755
--- a/util/lint/checkpatch.pl
+++ b/util/lint/checkpatch.pl
@@ -951,6 +951,10 @@ if ($git) {
 my $vname;
 for my $filename (@ARGV) {
 	my $FILE;
+
+	# coreboot: Mark filename as untainted
+	$filename =~ /^(.*)$/s or die; $filename = $1;
+
 	if ($git) {
 		open($FILE, '-|', "git format-patch -M --stdout -1 $filename") ||
 			die "$P: $filename: git format-patch failed - $!\n";
author	Martin Roth <martinroth@google.com>	2018-01-27 17:31:42 -0700
committer	Martin Roth <martinroth@google.com>	2018-01-29 15:34:59 +0000
commit	a9868b2dfc553330a845c820c2850b03900d1def (patch)
tree	f38154748fa83700736c3f07c65fa56a4cc781f1 /util/lint
parent	0f68b23aafc102926ccc833b228d098f5613f3e8 (diff)