diff options
| author | Vegard Nossum <vegard.nossum@oracle.com> | 2024-01-10 18:47:58 +0100 |
|---|---|---|
| committer | Jonathan Corbet <corbet@lwn.net> | 2024-01-11 17:21:01 +0100 |
| commit | c48a7c44a1d02516309015b6134c9bb982e17008 (patch) | |
| tree | c0900d3847622612f2b913f0071b1b78bb7ec928 /Documentation/admin-guide | |
| parent | Documentation: constrain alabaster package to older versions (diff) | |
| download | linux-c48a7c44a1d02516309015b6134c9bb982e17008.tar.xz linux-c48a7c44a1d02516309015b6134c9bb982e17008.zip | |
docs: kernel_feat.py: fix potential command injection
The kernel-feat directive passes its argument straight to the shell.
This is unfortunate and unnecessary.
Let's always use paths relative to $srctree/Documentation/ and use
subprocess.check_call() instead of subprocess.Popen(shell=True).
This also makes the code shorter.
This is analogous to commit 3231dd586277 ("docs: kernel_abi.py: fix
command injection") where we did exactly the same thing for
kernel_abi.py, somehow I completely missed this one.
Link: https://fosstodon.org/@jani/111676532203641247
Reported-by: Jani Nikula <jani.nikula@intel.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
Cc: stable@vger.kernel.org
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/20240110174758.3680506-1-vegard.nossum@oracle.com
Diffstat (limited to 'Documentation/admin-guide')
| -rw-r--r-- | Documentation/admin-guide/features.rst | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Documentation/admin-guide/features.rst b/Documentation/admin-guide/features.rst index 8c167082a84f..7651eca38227 100644 --- a/Documentation/admin-guide/features.rst +++ b/Documentation/admin-guide/features.rst @@ -1,3 +1,3 @@ .. SPDX-License-Identifier: GPL-2.0 -.. kernel-feat:: $srctree/Documentation/features +.. kernel-feat:: features |