Merge branch 'gitlab_popen_array' into 'master'

Change Gitlab::Popen to only accept arrays as commands

Merge branch 'gitlab_popen_array' into 'master'
Change Gitlab::Popen to only accept arrays as commands
Dmitriy Zaporozhets
2 parents 6c1af645 36c2c354
Showing 4 changed files with 31 additions and 7 deletions Show diff stats
app/models/key.rb
lib/gitlab/popen.rb
lib/gitlab/satellite/satellite.rb
spec/lib/gitlab/popen_spec.rb
@@ -53,7 +53,7 @@ class Key &lt; ActiveRecord::Base
     Tempfile.open('gitlab_key_file') do |file|
       file.puts key
       file.rewind
-      cmd_output, cmd_status = popen("ssh-keygen -lf #{file.path}", '/tmp')
+      cmd_output, cmd_status = popen(%W(ssh-keygen -lf #{file.path}), '/tmp')
     end
     if cmd_status.zero?
 require 'fileutils'
+require 'open3'
 module Gitlab
   module Popen
-    def popen(cmd, path)
+    extend self
+
+    def popen(cmd, path=nil)
+      unless cmd.is_a?(Array)
+        raise "System commands must be given as an array of strings"
+      end
+
+      path ||= Dir.pwd
       vars = { "PWD" => path }
       options = { chdir: path }
@@ -12,10 +20,10 @@ module Gitlab
       @cmd_output = ""
       @cmd_status = 0
-      Open3.popen3(vars, cmd, options) do |stdin, stdout, stderr, wait_thr|
-        @cmd_status = wait_thr.value.exitstatus
+      Open3.popen3(vars, *cmd, options) do |stdin, stdout, stderr, wait_thr|
         @cmd_output << stdout.read
         @cmd_output << stderr.read
+        @cmd_status = wait_thr.value.exitstatus
       end
       return @cmd_output, @cmd_status
@@ -33,7 +33,7 @@ module Gitlab
       end
       def create
-        output, status = popen("git clone #{project.repository.path_to_repo} #{path}",
+        output, status = popen(%W(git clone -- #{project.repository.path_to_repo} #{path}),
                                Gitlab.config.satellites.path)
         log("PID: #{project.id}: git clone #{project.repository.path_to_repo} #{path}")
@@ -10,7 +10,7 @@ describe &#39;Gitlab::Popen&#39;, no_db: true do
   context 'zero status' do
     before do
-      @output, @status = @klass.new.popen('ls', path)
+      @output, @status = @klass.new.popen(%W(ls), path)
     end
     it { @status.should be_zero }
@@ -19,11 +19,27 @@ describe &#39;Gitlab::Popen&#39;, no_db: true do
   context 'non-zero status' do
     before do
-      @output, @status = @klass.new.popen('cat NOTHING', path)
+      @output, @status = @klass.new.popen(%W(cat NOTHING), path)
     end
     it { @status.should == 1 }
     it { @output.should include('No such file or directory') }
   end
+
+  context 'unsafe string command' do
+    it 'raises an error when it gets called with a string argument' do
+      expect { @klass.new.popen('ls', path) }.to raise_error
+    end
+  end
+
+  context 'without a directory argument' do
+    before do
+      @output, @status = @klass.new.popen(%W(ls))
+    end
+
+    it { @status.should be_zero }
+    it { @output.should include('spec') }
+  end
+
 end
	@@ -53,7 +53,7 @@ class Key < ActiveRecord::Base		@@ -53,7 +53,7 @@ class Key < ActiveRecord::Base
53	Tempfile.open('gitlab_key_file') do \|file\|	53	Tempfile.open('gitlab_key_file') do \|file\|
54	file.puts key	54	file.puts key
55	file.rewind	55	file.rewind
56	- cmd_output, cmd_status = popen("ssh-keygen -lf #{file.path}", '/tmp')	56	+ cmd_output, cmd_status = popen(%W(ssh-keygen -lf #{file.path}), '/tmp')
57	end	57	end
58		58
59	if cmd_status.zero?	59	if cmd_status.zero?
	@@ -33,7 +33,7 @@ module Gitlab		@@ -33,7 +33,7 @@ module Gitlab
33	end	33	end
34		34
35	def create	35	def create
36	- output, status = popen("git clone #{project.repository.path_to_repo} #{path}",	36	+ output, status = popen(%W(git clone -- #{project.repository.path_to_repo} #{path}),
37	Gitlab.config.satellites.path)	37	Gitlab.config.satellites.path)
38		38
39	log("PID: #{project.id}: git clone #{project.repository.path_to_repo} #{path}")	39	log("PID: #{project.id}: git clone #{project.repository.path_to_repo} #{path}")