automake --version: 1.14.1
autoconf --version: 2.69
The error occured when attempting to run the test suite GNU Wget's git
source.
`make` works correctly, but `make check` happens to fail with the following
output:
if test -d ./.git \
&& git --version >/dev/null 2>&1; then \
cd . && \
git submodule --quiet foreach \
test '"$(git rev-parse "$sha1")"' \
= '"$(git merge-base origin "$sha1")"' \
|| { echo 'maint.mk: found non-public submodule commit' >&2; \
exit 1; }; \
else \
: ; \
fi
Stopping at 'gnulib'; script returned non-zero status.
maint.mk: found non-public submodule commit
maint.mk:1394: recipe for target 'public-submodule-commit' failed
make: *** [public-submodule-commit] Error 1
In the repository, gnulib is used as a submodule. Running:
$ git submodule foreach echo $name, $path, $sha1
returns an empty string which implies that git is unable to see the
submodules correctly.
I bisected the git source to find the commit causing the problems. The
following is the commit message:
commit 1c4fb136dbad762c9c4350ee79c3474ae8037587
Author: Anders Kaseorg <ande...@mit.edu>
Date: Fri Sep 27 06:23:55 2013 -0400
submodule foreach: skip eval for more than one argument
'eval "$@"' creates an extra layer of shell interpretation, which is
probably not expected by a user who passes multiple arguments to git
submodule foreach:
$ git grep "'"
[searches for single quotes]
$ git submodule foreach git grep "'"
Entering '[submodule]'
/usr/lib/git-core/git-submodule: 1: eval: Syntax error: Unterminated
quoted string
Stopping at '[submodule]'; script returned non-zero status.
To fix this, if the user passes more than one argument, execute "$@"
directly instead of passing it to eval.
Examples:
* Typical usage when adding an extra level of quoting is to pass a
single argument representing the entire command to be passed to the
shell. This doesn't change that.
* One can imagine someone feeding untrusted input as an argument:
git submodule foreach git grep "$variable"
That currently results in a nonobvious shell code injection
vulnerability. Executing the command named by the arguments
directly, as in this patch, fixes it.
Signed-off-by: Anders Kaseorg <ande...@mit.edu>
Acked-by: Johan Herland <jo...@herland.net>
Signed-off-by: Jonathan Nieder <jrnie...@gmail.com>
Hence, this seems to me as a feature, not a bug in Git. Maybe, automake
needs to fix its scripts accordingly? Because the issue with `make check`
was introduced through this specific commit.
Do let me know if I can provide any more help.
Also, I am not sunscribed to this mailing list, hence, please ensure to
leave my email in the CC list.
--
Thanking You,
Darshit Shah
