Support non-GNU find; avoid shell-injection vulnerability via malicious filenames (#351)

commit: 9868358cfaac0bc92ec6ae38d9727d0db4c26c65 [log] [tgz]
author: Charles Duffy <chaduffy@cisco.com> Tue Sep 20 11:41:41 2016 -0500
committer: Carlos Sanchez <carlos@apache.org> Mon Sep 26 17:03:10 2016 +0200
tree: b828e47c222c5b7ff764245aa18dd8bc8861a2ab
parent: d6a7512eecccabe9ebd52444de105de08fad7306 [diff] [blame]
diff --git a/jenkins.sh b/jenkins.sh
index df1531d..206e069 100755
--- a/jenkins.sh
+++ b/jenkins.sh

@@ -3,7 +3,7 @@
 : ${JENKINS_HOME:="/var/jenkins_home"}
 touch "${COPY_REFERENCE_FILE_LOG}" || (echo "Can not write to ${COPY_REFERENCE_FILE_LOG}. Wrong volume permissions?" && exit 1)
 echo "--- Copying files at $(date)" >> "$COPY_REFERENCE_FILE_LOG"
-find /usr/share/jenkins/ref/ -type f -exec bash -c ". /usr/local/bin/jenkins-support; copy_reference_file '{}'" \;
+find /usr/share/jenkins/ref/ -type f -exec bash -c '. /usr/local/bin/jenkins-support; for arg; do copy_reference_file "$arg"; done' _ {} +
 
 # if `docker run` first argument start with `--` the user is passing jenkins launcher arguments
 if [[ $# -lt 1 ]] || [[ "$1" == "--"* ]]; then
commit	9868358cfaac0bc92ec6ae38d9727d0db4c26c65	[log] [tgz]
author	Charles Duffy <chaduffy@cisco.com>	Tue Sep 20 11:41:41 2016 -0500
committer	Carlos Sanchez <carlos@apache.org>	Mon Sep 26 17:03:10 2016 +0200
tree	b828e47c222c5b7ff764245aa18dd8bc8861a2ab
parent	d6a7512eecccabe9ebd52444de105de08fad7306 [diff] [blame]