diff options
| author | Jacob Vosmaer <contact@jacobvosmaer.nl> | 2014-02-25 11:57:42 +0100 | 
|---|---|---|
| committer | Jacob Vosmaer <contact@jacobvosmaer.nl> | 2014-02-25 11:57:42 +0100 | 
| commit | 0432bdf19eb3483e109582832a36dc7a3601a384 (patch) | |
| tree | b238509c11cfb5e43e419d2b35a2404d8f49a95f | |
| parent | 9f20580ed7338e72ffeadff86c0d605a2802c957 (diff) | |
| download | gitlab-ce-0432bdf19eb3483e109582832a36dc7a3601a384.tar.gz | |
Change Gitlab::Popen to use arrays for commands
| -rw-r--r-- | lib/gitlab/popen.rb | 9 | ||||
| -rw-r--r-- | spec/lib/gitlab/popen_spec.rb | 11 | 
2 files changed, 16 insertions, 4 deletions
| diff --git a/lib/gitlab/popen.rb b/lib/gitlab/popen.rb index 5283cf0b821..d10269f4438 100644 --- a/lib/gitlab/popen.rb +++ b/lib/gitlab/popen.rb @@ -1,8 +1,13 @@  require 'fileutils' +require 'open3'  module Gitlab    module Popen      def popen(cmd, path) +      unless cmd.is_a?(Array) +        raise "System commands must be given as an array of strings" +      end +        vars = { "PWD" => path }        options = { chdir: path } @@ -12,10 +17,10 @@ module Gitlab        @cmd_output = ""        @cmd_status = 0 -      Open3.popen3(vars, cmd, options) do |stdin, stdout, stderr, wait_thr| -        @cmd_status = wait_thr.value.exitstatus +      Open3.popen3(vars, *cmd, options) do |stdin, stdout, stderr, wait_thr|          @cmd_output << stdout.read          @cmd_output << stderr.read +        @cmd_status = wait_thr.value.exitstatus        end        return @cmd_output, @cmd_status diff --git a/spec/lib/gitlab/popen_spec.rb b/spec/lib/gitlab/popen_spec.rb index 4791be41613..a4a0846b7b9 100644 --- a/spec/lib/gitlab/popen_spec.rb +++ b/spec/lib/gitlab/popen_spec.rb @@ -10,7 +10,7 @@ describe 'Gitlab::Popen', no_db: true do    context 'zero status' do      before do -      @output, @status = @klass.new.popen('ls', path) +      @output, @status = @klass.new.popen(%W(ls), path)      end      it { @status.should be_zero } @@ -19,11 +19,18 @@ describe 'Gitlab::Popen', no_db: true do    context 'non-zero status' do      before do -      @output, @status = @klass.new.popen('cat NOTHING', path) +      @output, @status = @klass.new.popen(%W(cat NOTHING), path)      end      it { @status.should == 1 }      it { @output.should include('No such file or directory') }    end + +  context 'unsafe string command' do +    it 'raises an error when it gets called with a string argument' do +      expect { @klass.new.popen('ls', path) }.to raise_error +    end +  end +  end | 
