From 7b81066038d6b696c18c2468990bde1cd6c22845 Mon Sep 17 00:00:00 2001
From: Misty De Meo
Date: Tue, 9 Feb 2016 10:13:04 -0800
Subject: [PATCH] Audit: Regexp.escape formula names

We allow certain special regex characters in formula names, and if those aren't escaped when interpolating them into a regex, they'll be interpreted as special regex characters. This can cause regex compile errors on Ruby 1.8 (for example, with "libxml++3", which has nested match characters), and more subtle matching bugs in general. Refs an issue surfaced in Homebrew/homebrew#48744. Closes Homebrew/homebrew#49005.

Signed-off-by: Misty De Meo
---
 Library/Homebrew/cmd/audit.rb | 4 ++--
 Library/Homebrew/test/test_cmd_audit.rb | 11 ++++++++---
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/Library/Homebrew/cmd/audit.rb b/Library/Homebrew/cmd/audit.rb
index 41e160473b..f2dc78299a 100644
--- a/Library/Homebrew/cmd/audit.rb
+++ b/Library/Homebrew/cmd/audit.rb
@@ -879,11 +879,11 @@ class FormulaAuditor
 problem "`#{$1}` is now unnecessary"
 end
 
- if line =~ %r{#\{share\}/#{formula.name}[/'"]}
+ if line =~ %r{#\{share\}/#{Regexp.escape(formula.name)}[/'"]}
 problem "Use \#{pkgshare} instead of \#{share}/#{formula.name}"
 end
 
- if line =~ %r{share/"#{formula.name}[/'"]}
+ if line =~ %r{share/"#{Regexp.escape(formula.name)}[/'"]}
 problem "Use pkgshare instead of (share/\"#{formula.name}\")"
 end
 end
diff --git a/Library/Homebrew/test/test_cmd_audit.rb b/Library/Homebrew/test/test_cmd_audit.rb
index 0dbfbe5e63..ce37a2c8ed 100644
--- a/Library/Homebrew/test/test_cmd_audit.rb
+++ b/Library/Homebrew/test/test_cmd_audit.rb
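Review bot: In `Library/Homebrew/cmd/audit.rb` both patterns now call `Regexp.escape(formula.name)` separately, and each regexp is rebuilt for every audited line. Computing it once, e.g. `escaped_name = Regexp.escape(formula.name)`, and interpolating `#{escaped_name}` in both `%r{…}` literals would keep the escaping in one place and make it harder for a later pattern to interpolate the raw name again. Only these two sites are visible here; any other regexp in the file that interpolates `formula.name` is worth checking too, since the commit message notes that unescaped names can cause subtle matching bugs and not only compile errors. The enclosing method starts outside the hunk.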
@@ -301,10 +301,9 @@ class FormulaAuditorTests < Homebrew::TestCase
 end
 
 # Regression test for https://github.com/Homebrew/homebrew/pull/48744
- # Formulae with "++" in their name would break the name check because of a
- # regexp error:
+ # Formulae with "++" in their name would break various audit regexps:
 # Error: nested *?+ in regexp: /^libxml++3\s/
- def test_audit_desc_plus_plus_name
+ def test_audit_plus_plus_name
 fa = formula_auditor "foolibc++", <<-EOS.undent, :strict => true
 class Foolibcxx < Formula
 desc "foolibc++ is a test"
@@ -315,5 +314,11 @@ class FormulaAuditorTests < Homebrew::TestCase
 
 fa.audit_desc
 assert_equal "Description shouldn't include the formula name", fa.problems.shift
+
+ fa.audit_line 'ohai "#{share}/foolibc++"', 3
+ assert_equal "Use \#{pkgshare} instead of \#{share}/foolibc++", fa.problems.shift
+
+ fa.audit_line 'ohai share/"foolibc++"', 3
+ assert_equal 'Use pkgshare instead of (share/"foolibc++")', fa.problems.shift
 end
 end
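Review bot: The new `audit_line` assertions in `test_audit_plus_plus_name` only check that a line containing the exact name is flagged. They do not pin the "more subtle matching bugs" the commit message mentions, where an unescaped `++` could let a different name such as `foolibc` satisfy the pattern on interpreters that accept it as a quantifier. A negative case would cover that, for example `fa.audit_line 'ohai share/"foolibc"', 3` followed by `assert_nil fa.problems.shift`, assuming `audit_line` reports no other problem for that line. Since the test now exercises three audits in sequence, a failure in the first assertion also hides the results of the later ones; separate test methods would report each independently.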