Where regular expression is read from a variable and -e argument is not provided, the resulting call may end up being interpreted as grep argument, This can be pretty dangerous, eg. if the variable expands to `--help`, grep help is shown and grep exits with zero, which would be interprered as match. Another example is when the variable expands to a valid grep parameter; this would mean that next argument would be interprered by grep as the regex, and if the argument after that would be missing, grep would read stdin, resulting in data messup or grep waiting indefinitely. See also: https://github.com/koalaman/shellcheck/issues/1342

vor 5 Jahren · 64964d7049
--- a/src/bin/sfdoc
+++ b/src/bin/sfdoc
 
															     esac
														
 
															     case $action in
														
 
															         exp)    # --export
														
 
															-            grep -qw "$format" <<<manpage,markdown,pod \
														
 
															+            grep -qwe "$format" <<<manpage,markdown,pod \
														
 
															              || die "unknown format: $format"
														
 
															             sfdoc__export "$format" "${RealModuleName:-$module}" "$mpath" "$encoding"
														
 
															             ;;
														
--- a/src/shellfu.sh.skel
+++ b/src/shellfu.sh.skel
 
															             # True if module $1 is already imported
														
 
															             #
														
 
															             local mname=$1
														
 
															-            echo "$__SHELLFU_IMPORTED" | tr : \\n | grep -qx "$mname"
														
 
															+            echo "$__SHELLFU_IMPORTED" | tr : \\n | grep -qxe "$mname"
														
 
															             ;;
														
 
															         _list_mfiles)