From b1843c520f346f1f899c7470ec78693ce3316669 Mon Sep 17 00:00:00 2001
From: Vidar Holen
Date: Sat, 18 Jul 2015 12:30:08 -0700
Subject: [PATCH] Warn when using read without -r
---
 ShellCheck/Analytics.hs | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/ShellCheck/Analytics.hs b/ShellCheck/Analytics.hs
index d18463b..6eb5c67 100644
--- a/ShellCheck/Analytics.hs
+++ b/ShellCheck/Analytics.hs
@@ -206,6 +206,7 @@ nodeChecks = [
 ,checkReturn
 ,checkMaskedReturns
 ,checkInjectableFindSh
+ ,checkReadWithoutR
 ]
@@ -3453,6 +3454,13 @@ checkInjectableFindSh _ = checkCommand "find" (const check)
 when ("{}" `isInfixOf` arg) $
 warn id 2156 "Injecting filenames is fragile and insecure. Use parameters."
+prop_checkReadWithoutR1 = verify checkReadWithoutR "read -a foo"
+prop_checkReadWithoutR2 = verifyNot checkReadWithoutR "read -ar foo"
+checkReadWithoutR _ t@(T_SimpleCommand {}) | t `isUnqualifiedCommand` "read" =
+ unless ("r" `elem` map snd (getAllFlags t)) $
+ info (getId t) 2162 "read without -r will mangle backslashes."
+checkReadWithoutR _ _ = return ()
+
 return []
 runTests = $( [| $(forAllProperties) (quickCheckWithResult (stdArgs { maxSuccess = 1 }) ) |])
-- 
GitLab
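Review bot: The `unless` guard in checkReadWithoutR accepts any `r` character reported by getAllFlags, and the second property pins `read -ar foo` as clean even though bash's `-a` takes an argument, so that command reads into an array named `r` without raw mode and goes unreported. getAllFlags is defined outside this hunk, so this is inferred from the property rather than from its source; the check should stop collecting flag letters once it meets an option that takes a value (in bash: `-a`, `-d`, `-i`, `-n`, `-N`, `-p`, `-t`, `-u`). I would change the property to `prop_checkReadWithoutR2 = verifyNot checkReadWithoutR "read -ra foo"` and add `prop_checkReadWithoutR3 = verify checkReadWithoutR "read foo"`, since neither existing property covers the plain case the message is aimed at. A one-line comment above the function, `-- Without -r, read treats backslash as an escape character, so input containing backslashes is altered`, would record why this is reported.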