Merge branch 'gitlab_popen_array' into 'master'

Change Gitlab::Popen to only accept arrays as commands

Merge branch 'gitlab_popen_array' into 'master'
Change Gitlab::Popen to only accept arrays as commands
63d0c0b9 · Dmitriy Zaporozhets · 6c1af645 · 36c2c354 · 63d0c0b9 · 63d0c0b9
Commit 63d0c0b9 authored Feb 26, 2014 by Dmitriy Zaporozhets
4 changed files
--- a/app/models/key.rb
+++ b/app/models/key.rb
@@ -53,7 +53,7 @@ class Key < ActiveRecord::Base
    Tempfile.open('gitlab_key_file') do |file|
      file.puts key
      file.rewind
-      cmd_output, cmd_status = popen("ssh-keygen -lf #{file.path}", '/tmp')
+      cmd_output, cmd_status = popen(%W(ssh-keygen -lf #{file.path}), '/tmp')
    end

    if cmd_status.zero?

--- a/lib/gitlab/popen.rb
+++ b/lib/gitlab/popen.rb
 require 'fileutils'
+require 'open3'

 module Gitlab
  module Popen
-    def popen(cmd, path)
+    extend self
+
+    def popen(cmd, path=nil)
+      unless cmd.is_a?(Array)
+        raise "System commands must be given as an array of strings"
+      end
+
+      path ||= Dir.pwd
      vars = { "PWD" => path }
      options = { chdir: path }

@@ -12,10 +20,10 @@ module Gitlab

      @cmd_output = ""
      @cmd_status = 0
-      Open3.popen3(vars, cmd, options) do |stdin, stdout, stderr, wait_thr|
-        @cmd_status = wait_thr.value.exitstatus
+      Open3.popen3(vars, *cmd, options) do |stdin, stdout, stderr, wait_thr|
        @cmd_output << stdout.read
        @cmd_output << stderr.read
+        @cmd_status = wait_thr.value.exitstatus
      end

      return @cmd_output, @cmd_status

--- a/lib/gitlab/satellite/satellite.rb
+++ b/lib/gitlab/satellite/satellite.rb
@@ -33,7 +33,7 @@ module Gitlab
      end

      def create
-        output, status = popen("git clone #{project.repository.path_to_repo} #{path}",
+        output, status = popen(%W(git clone -- #{project.repository.path_to_repo} #{path}),
                               Gitlab.config.satellites.path)

        log("PID: #{project.id}: git clone #{project.repository.path_to_repo} #{path}")

--- a/spec/lib/gitlab/popen_spec.rb
+++ b/spec/lib/gitlab/popen_spec.rb
@@ -10,7 +10,7 @@ describe 'Gitlab::Popen', no_db: true do

  context 'zero status' do
    before do
-      @output, @status = @klass.new.popen('ls', path)
+      @output, @status = @klass.new.popen(%W(ls), path)
    end

    it { @status.should be_zero }
@@ -19,11 +19,27 @@ describe 'Gitlab::Popen', no_db: true do

  context 'non-zero status' do
    before do
-      @output, @status = @klass.new.popen('cat NOTHING', path)
+      @output, @status = @klass.new.popen(%W(cat NOTHING), path)
    end

    it { @status.should == 1 }
    it { @output.should include('No such file or directory') }
  end
+
+  context 'unsafe string command' do
+    it 'raises an error when it gets called with a string argument' do
+      expect { @klass.new.popen('ls', path) }.to raise_error
+    end
+  end
+
+  context 'without a directory argument' do
+    before do
+      @output, @status = @klass.new.popen(%W(ls))
+    end
+
+    it { @status.should be_zero }
+    it { @output.should include('spec') }
+  end
+
 end