On 09/12/2017 09:44 AM, Paolo Bonzini wrote: > The variable is used in "common" but defined only after the file > is sourced. > > Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> > --- > tests/qemu-iotests/check | 2 -- > tests/qemu-iotests/common | 2 ++ > 2 files changed, 2 insertions(+), 2 deletions(-) >
Reviewed-by: Eric Blake <ebl...@redhat.com> > +tmp="${TEST_DIR}"/$$ Pre-existing to your code motion, but would we be any safer if $tmp also included a use of $RANDOM? (The $$ already protects us from collisions with a parallel run, but it is easy to guess, so if $tmp is used to create any file that an attacker can access, running the testsuite may expose a machine to a symlink or other attack - but we probably have lots of those things to audit for before we can recommend running the testsuite in an untrusted environment). -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3266 Virtualization: qemu.org | libvirt.org
signature.asc
Description: OpenPGP digital signature