From a4fed29171cc4fa07591ab5e2d53e7fae7125227 Mon Sep 17 00:00:00 2001
From: Alain Reguera Delgado <alain.reguera@gmail.com>
Date: Jul 16 2011 21:52:41 +0000
Subject: Update `texinfo_updateChapterMenu.sh':


    - Take care the way you quote egrep's pattern to prevent ending up
      using the syntax `$"..."' which has security risks.


---

diff --git a/Scripts/Functions/Help/Texinfo/texinfo_updateChapterMenu.sh b/Scripts/Functions/Help/Texinfo/texinfo_updateChapterMenu.sh
index a477443..38ea6cb 100755
--- a/Scripts/Functions/Help/Texinfo/texinfo_updateChapterMenu.sh
+++ b/Scripts/Functions/Help/Texinfo/texinfo_updateChapterMenu.sh
@@ -44,15 +44,18 @@ function texinfo_updateChapterMenu {
         'remove-entry' )
             # Remove chapter from menu.
             MENUCHAPTERS=$(echo "${MENUCHAPTERS}" \
-                | egrep -v "^\* ${MANUAL_CHAPTER_NAME}::[[:print:]]*$")
+                | egrep -v '^\* '"${MANUAL_CHAPTER_NAME}"'::[[:print:]]*$')
             ;;
 
         'update-entry' | * )
             # Update chapter menu using texinfo format. Be sure the
             # chapter node itself is not included here, that would
-            # duplicate it inside the menu definition file which
-            # end up being a definition error.
-            MENUCHAPTERS="$(echo "${MENUCHAPTERS}" | egrep -v "\* ${MANUAL_CHAPTER_NAME}::[[:print:]]*$")
+            # duplicate it inside the menu definition file which end
+            # up being a definition error. Take care the way you quote
+            # egrep's pattern, prevent to end up using the syntax
+            # `$"..."' which has security risks.
+            MENUCHAPTERS="$(echo "${MENUCHAPTERS}" \
+                | egrep -v '\* '"${MANUAL_CHAPTER_NAME}"'::[[:print:]]*$')
                 * ${MANUAL_CHAPTER_NAME}::"
             ;;
     esac