Fix jenkins-plugin-cli JAVA_OPTS handling (#1273)

2022-01-18 12:06:15 -05:00 · 2022-01-18 12:06:15 -05:00 · 1a8d6eae79
parent 494e54b198
commit 1a8d6eae79
1 changed files with 7 additions and 1 deletions
--- a/jenkins-plugin-cli.sh
+++ b/jenkins-plugin-cli.sh
@ -1,3 +1,9 @@
 #!/bin/bash

-exec /bin/bash -c "java $JAVA_OPTS -jar /opt/jenkins-plugin-manager.jar $*"
+# read JAVA_OPTS into array to avoid need for eval (and associated vulnerabilities)
+java_opts_array=()
+while IFS= read -r -d '' item; do
+	java_opts_array+=( "$item" )
+done < <([[ $JAVA_OPTS ]] && xargs printf '%s\0' <<<"$JAVA_OPTS")
+
+exec java "${java_opts_array[@]}" -jar /opt/jenkins-plugin-manager.jar "$@"