archimport: use safe_pipe_capture for user input

Refnames can contain shell metacharacters which need to be
passed verbatim to sub-processes. Using safe_pipe_capture
skips the shell entirely.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/git-archimport.perl b/git-archimport.perl
index 9cb123a..b7c173c 100755 (executable)
--- a/git-archimport.perl
+++ b/git-archimport.perl
@@ -983,7 +983,7 @@ sub find_parents {
        # check that we actually know about the branch
        next unless -e "$git_dir/refs/heads/$branch";
 
-       my $mergebase = `git-merge-base $branch $ps->{branch}`;
+       my $mergebase = safe_pipe_capture(qw(git-merge-base), $branch, $ps->{branch});
        if ($?) {
            # Don't die here, Arch supports one-way cherry-picking
            # between branches with no common base (or any relationship
@@ -1074,7 +1074,7 @@ sub find_parents {
 
 sub git_rev_parse {
     my $name = shift;
-    my $val  = `git-rev-parse $name`;
+    my $val  = safe_pipe_capture(qw(git-rev-parse), $name);
     die "Error: git-rev-parse $name" if $?;
     chomp $val;
     return $val;