Commit 0432bdf19eb3483e109582832a36dc7a3601a384
1 parent
9f20580e
Exists in
spb-stable
and in
3 other branches
Change Gitlab::Popen to use arrays for commands
Showing
2 changed files
with
16 additions
and
4 deletions
Show diff stats
lib/gitlab/popen.rb
| 1 | require 'fileutils' | 1 | require 'fileutils' |
| 2 | +require 'open3' | ||
| 2 | 3 | ||
| 3 | module Gitlab | 4 | module Gitlab |
| 4 | module Popen | 5 | module Popen |
| 5 | def popen(cmd, path) | 6 | def popen(cmd, path) |
| 7 | + unless cmd.is_a?(Array) | ||
| 8 | + raise "System commands must be given as an array of strings" | ||
| 9 | + end | ||
| 10 | + | ||
| 6 | vars = { "PWD" => path } | 11 | vars = { "PWD" => path } |
| 7 | options = { chdir: path } | 12 | options = { chdir: path } |
| 8 | 13 | ||
| @@ -12,10 +17,10 @@ module Gitlab | @@ -12,10 +17,10 @@ module Gitlab | ||
| 12 | 17 | ||
| 13 | @cmd_output = "" | 18 | @cmd_output = "" |
| 14 | @cmd_status = 0 | 19 | @cmd_status = 0 |
| 15 | - Open3.popen3(vars, cmd, options) do |stdin, stdout, stderr, wait_thr| | ||
| 16 | - @cmd_status = wait_thr.value.exitstatus | 20 | + Open3.popen3(vars, *cmd, options) do |stdin, stdout, stderr, wait_thr| |
| 17 | @cmd_output << stdout.read | 21 | @cmd_output << stdout.read |
| 18 | @cmd_output << stderr.read | 22 | @cmd_output << stderr.read |
| 23 | + @cmd_status = wait_thr.value.exitstatus | ||
| 19 | end | 24 | end |
| 20 | 25 | ||
| 21 | return @cmd_output, @cmd_status | 26 | return @cmd_output, @cmd_status |
spec/lib/gitlab/popen_spec.rb
| @@ -10,7 +10,7 @@ describe 'Gitlab::Popen', no_db: true do | @@ -10,7 +10,7 @@ describe 'Gitlab::Popen', no_db: true do | ||
| 10 | 10 | ||
| 11 | context 'zero status' do | 11 | context 'zero status' do |
| 12 | before do | 12 | before do |
| 13 | - @output, @status = @klass.new.popen('ls', path) | 13 | + @output, @status = @klass.new.popen(%W(ls), path) |
| 14 | end | 14 | end |
| 15 | 15 | ||
| 16 | it { @status.should be_zero } | 16 | it { @status.should be_zero } |
| @@ -19,11 +19,18 @@ describe 'Gitlab::Popen', no_db: true do | @@ -19,11 +19,18 @@ describe 'Gitlab::Popen', no_db: true do | ||
| 19 | 19 | ||
| 20 | context 'non-zero status' do | 20 | context 'non-zero status' do |
| 21 | before do | 21 | before do |
| 22 | - @output, @status = @klass.new.popen('cat NOTHING', path) | 22 | + @output, @status = @klass.new.popen(%W(cat NOTHING), path) |
| 23 | end | 23 | end |
| 24 | 24 | ||
| 25 | it { @status.should == 1 } | 25 | it { @status.should == 1 } |
| 26 | it { @output.should include('No such file or directory') } | 26 | it { @output.should include('No such file or directory') } |
| 27 | end | 27 | end |
| 28 | + | ||
| 29 | + context 'unsafe string command' do | ||
| 30 | + it 'raises an error when it gets called with a string argument' do | ||
| 31 | + expect { @klass.new.popen('ls', path) }.to raise_error | ||
| 32 | + end | ||
| 33 | + end | ||
| 34 | + | ||
| 28 | end | 35 | end |
| 29 | 36 |