Francois Gouget : testbot: Sanitize the environment for system() & co.

[Alexandre Julliard]

Module: tools
Branch: master
Commit: 3ef757cc31d4792a0b1a0f394d1dcfb0454b9751
URL:    https://source.winehq.org/git/tools.git/?a=commit;h=3ef757cc31d4792a0b1a0f394d1dcfb0454b9751

Author: Francois Gouget <fgouget at codeweavers.com>
Date:   Tue Aug 27 01:49:30 2019 +0200

testbot: Sanitize the environment for system() & co.

system() may start a shell so make sure its behavior will not be
modified in unexpected ways by the environment ($CDPATH, $IFS) or
an external file ($ENV, $BASH_ENV).

Signed-off-by: Francois Gouget <fgouget at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>

---

 testbot/lib/WineTestBot/Config.pm | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/testbot/lib/WineTestBot/Config.pm b/testbot/lib/WineTestBot/Config.pm
index 4469229..d6267de 100644
--- a/testbot/lib/WineTestBot/Config.pm
+++ b/testbot/lib/WineTestBot/Config.pm
@@ -69,6 +69,9 @@ $LogDir = "$::RootDir/var";
 $DataDir = "$::RootDir/var";
 $BinDir = "$::RootDir/bin";
 
+# Sanitize the environment for system() & co
+delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # from perlsec
+
 # See the ScheduleOnHost() documentation in lib/WineTestBot/Jobs.pm
 $MaxRevertingVMs = 1;
 $MaxRevertsWhileRunningVMs = 0;