From b5c778a08ede5262a3204f296c82bd9776bdf891 Mon Sep 17 00:00:00 2001 From: Tom Limoncelli Date: Wed, 5 Nov 2014 16:48:10 +0000 Subject: [PATCH] Be more secure in the use of "read" --- bin/blackbox_edit | 2 +- bin/blackbox_initialize | 2 +- bin/blackbox_update_all_files | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/bin/blackbox_edit b/bin/blackbox_edit index 2d2b3f3..0af6222 100755 --- a/bin/blackbox_edit +++ b/bin/blackbox_edit @@ -9,7 +9,7 @@ set -e for param in """$@""" ; do unencrypted_file=$(get_unencrypted_filename "$param") if [[! is_on_cryptlist "$param" ]] && [[! is_on_cryptlist "$unencrypted_file" ]] ; then - read -p "Encrypt file $param? (y/n) " ans + read -r -p "Encrypt file $param? (y/n) " ans case "$ans" in y* | Y*) blackbox_register_new_file "$param" diff --git a/bin/blackbox_initialize b/bin/blackbox_initialize index 80b88ef..b0ade03 100755 --- a/bin/blackbox_initialize +++ b/bin/blackbox_initialize @@ -14,7 +14,7 @@ set -e _determine_vcs_base_and_type # Sets VCS_TYPE if [[ $1 != 'yes' ]]; then - read -p "Enable blackbox for this $VCS_TYPE repo? (yes/no) " ans + read -r -p "Enable blackbox for this $VCS_TYPE repo? (yes/no) " ans if [[ $ans = 'no' || $ans = 'n' || $ans = '' ]]; then echo 'Exiting...' exit 1 diff --git a/bin/blackbox_update_all_files b/bin/blackbox_update_all_files index d611744..811568f 100755 --- a/bin/blackbox_update_all_files +++ b/bin/blackbox_update_all_files @@ -11,7 +11,7 @@ if [[ -z $GPG_AGENT_INFO ]]; then echo 'WARNING: You probably want to run gpg-agent as' echo 'you will be asked for your passphrase many times.' echo 'Example: $ eval $(gpg-agent --daemon)' - read -p 'Press CTRL-C now to stop. ENTER to continue: ' + read -r -p 'Press CTRL-C now to stop. ENTER to continue: ' fi disclose_admins 
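Review bot: The confirmation in bin/blackbox_initialize still fails open. The `[[ $ans = 'no' || $ans = 'n' || $ans = '' ]]` test that follows the new `read -r -p` exits only on those three exact strings, so `No`, `N`, `nope` or any typo passes the check and the script presumably goes on to enable blackbox. Since the prompt offers (yes/no), test for the affirmative answers instead, e.g. `if [[ $ans != 'yes' && $ans != 'y' ]]; then`. The `if` block continues past the end of the hunk, so what runs after the check is not visible here.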
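Review bot: The exit status of `read -r -p 'Press CTRL-C now to stop. ENTER to continue: '` is not checked in bin/blackbox_update_all_files. When stdin is closed or at end-of-file (cron, CI, an empty pipe), read returns non-zero immediately and the pause gives no chance to stop. This matters most for the identical line in the `@@ -33,7 +33,7 @@` hunk, where the pause is the only gate after 'WARNING: This will overwrite any unencrypted files laying about.' Whether `set -e` is active in this file cannot be seen from these hunks. Writing `read -r -p 'Press CTRL-C now to stop. ENTER to continue: ' || exit 1` on both lines would make the script stop rather than continue when no answer can be read.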
@@ -33,7 +33,7 @@ done if $need_warning ; then echo echo 'WARNING: This will overwrite any unencrypted files laying about.' - read -p 'Press CTRL-C now to stop. ENTER to continue: ' + read -r -p 'Press CTRL-C now to stop. ENTER to continue: ' else echo 'All OK.' fi