From: Viktor Szakats <commit@vsz.me>
Date: Sat, 4 Oct 2025 11:04:29 +0000 (+0200)
Subject: checksrc: fix possible endless loops/errors in the banned function logic
X-Git-Tag: rc-8_17_0-1~139
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c7fb5858a59dfc433d5eefa08be3db249738fd28;p=thirdparty%2Fcurl.git

checksrc: fix possible endless loops/errors in the banned function logic

By quoting the search expression to be replaced. This avoid the issue
when the code leading up to a banned function contained regex characters
that the script did not explicitly handle, e.g. `+`.

Assisted-by: Daniel Stenberg

Ref: https://perldoc.perl.org/functions/quotemeta
Follow-up to dd37d6970cfd8b4cf47ebd469f03772813b92c23 #18775

Closes #18845
---

diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl
index 637c0b7c8b..54800ce12d 100755
--- a/scripts/checksrc.pl
+++ b/scripts/checksrc.pl
@@ -907,14 +907,9 @@ sub scanfile {
             checkwarn("BANNEDFUNC",
                       $line, length($prefix), $file, $ol,
                       "use of $bad is banned");
-            my $replace = 'x' x (length($bad) + 1);
-            $prefix =~ s/\*/\\*/;
-            $prefix =~ s/\[/\\[/;
-            $prefix =~ s/\]/\\]/;
-            $prefix =~ s/\(/\\(/;
-            $prefix =~ s/\)/\\)/;
-            $suff =~ s/\(/\\(/;
-            $l =~ s/$prefix$bad$suff/$prefix$replace/;
+            my $search = quotemeta($prefix . $bad . $suff);
+            my $replace = $prefix . 'x' x (length($bad) + 1);
+            $l =~ s/$search/$replace/;
             goto again;
         }
         $l = $bl; # restore to pre-bannedfunc content