diff options
| author | Johannes Sixt <j6t@kdbg.org> | 2025-03-29 18:49:05 +0100 |
|---|---|---|
| committer | Taylor Blau <me@ttaylorr.com> | 2025-05-23 17:04:23 -0400 |
| commit | 67a128b91e25978a15f9f7e194d81b441d603652 (patch) | |
| tree | dcd4a2f763aa6fb8c1f6a8ad5874a8ed7a671323 | |
| parent | d7bc50cece90c490b34a7137568d2c58db40807a (diff) | |
| download | git-67a128b91e25978a15f9f7e194d81b441d603652.tar.gz | |
gitk: sanitize 'open' arguments: revisit recently updated 'open' calls
The previous commits bb5cb23daf75 (gitk: prevent overly long command
lines, 2023-01-24) rewrote a set of the 'open' calls substantially.
These were then later updated by 7dd272eca153 (gitk: escape file paths
before piping to git log, 2023-01-24) and d5d1b91e5327 (gitk: encode
arguments correctly with "open", 2025-03-07). In the preceding merge,
the conversions to a safe_open variant were undone to ensure that the
principal operation of the new 'open' calls is not modified by accident.
Since the 'open' calls now pass a redirection from a Tcl string as
stdin, convert the calls to 'safe_open_command_redirect'.
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Taylor Blau <me@ttaylorr.com>
| -rwxr-xr-x | gitk | 17 |
1 files changed, 9 insertions, 8 deletions
@@ -498,9 +498,9 @@ proc start_rev_list {view} { } if {[catch { - set fd [open [concat | git log --no-color -z --pretty=raw $show_notes \ - --parents --boundary $args --stdin \ - [list "<<[join [concat $revs "--" $files] "\n"]"]] r] + set fd [safe_open_command_redirect [concat git log --no-color -z --pretty=raw $show_notes \ + --parents --boundary $args --stdin] \ + [list "<<[join [concat $revs "--" $files] "\n"]"]] } err]} { error_popup "[mc "Error executing git log:"] $err" return 0 @@ -651,9 +651,9 @@ proc updatecommits {} { set args $vorigargs($view) } if {[catch { - set fd [open [concat | git log --no-color -z --pretty=raw $show_notes \ - --parents --boundary $args --stdin \ - [list "<<[join [concat $revs "--" $vfilelimit($view)] "\n"]"]] r] + set fd [safe_open_command_redirect [concat git log --no-color -z --pretty=raw $show_notes \ + --parents --boundary $args --stdin] \ + [list "<<[join [concat $revs "--" $vfilelimit($view)] "\n"]"]] } err]} { error_popup "[mc "Error executing git log:"] $err" return @@ -10322,10 +10322,11 @@ proc getallcommits {} { if {$ids ne {}} { if {$ids eq "--all"} { set cmd [concat $cmd "--all"] + set fd [safe_open_command $cmd] } else { - set cmd [concat $cmd --stdin [list "<<[join $ids "\n"]"]] + set cmd [concat $cmd --stdin] + set fd [safe_open_command_redirect $cmd [list "<<[join $ids "\n"]"]] } - set fd [open $cmd r] fconfigure $fd -blocking 0 incr allcommits nowbusy allcommits |