From b6afee33079edd49c451efa243651ee2d6beaac8 Mon Sep 17 00:00:00 2001
From: yihuang <huang@crypto.com>
Date: Mon, 8 Jul 2024 22:22:33 +0800
Subject: [PATCH] Problem: minor security issue in github workflow (#1056)

* Problem: minor security issue in github workflow

* Update .github/workflows/build.yml

Signed-off-by: yihuang <huang@crypto.com>

---------

Signed-off-by: yihuang <huang@crypto.com>
---
 .github/workflows/build.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 0664d2c5e..ee26a0753 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -68,9 +68,11 @@ jobs:
       - name: Get Comment PR informations
         id: pr_data
         if: github.event_name == 'issue_comment'
+        env:
+          COMMENT_BODY: ${{ github.event.comment.body }}
         run: |
           echo "repo_name=${{ fromJson(steps.request.outputs.data).head.repo.full_name }}" >> $GITHUB_OUTPUT
-          comment_hash=`echo ${{ github.event.comment.body }} | cut -d' ' -f2` # get commit hash if any
+          comment_hash=`echo "$COMMENT_BODY" | cut -d' ' -f2` # get commit hash if any
           if [[ "${comment_hash}" == "/runsim" ]]; then 
             # use default head ref
             echo "ref=${{ fromJson(steps.request.outputs.data).head.ref }}" >> $GITHUB_OUTPUT