Merge branch 'js/fix-open-exec'

This addresses CVE-2025-46835, Git GUI can create and overwrite a user's files: When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. Signed-off-by: Johannes Sixt <j6t@kdbg.org>
author: Johannes Sixt <j6t@kdbg.org> 2025-05-20 08:56:09 +0200
committer: Taylor Blau <me@ttaylorr.com> 2025-05-23 17:04:31 -0400
commit: 311d9ada3a7c2c49669d656a0359cc3a9ccfeeef (patch)
tree: 2a415d4e14344093eda9d6e2a0daa026ae564989 /git-gui/lib/tools.tcl
parent: a7d1716fa648f6557ea9c91e0f04bae2e8738e6a (diff)
parent: a437f5bc93330a70b42a230e52f3bd036ca1b1da (diff)
download: git-311d9ada3a7c2c49669d656a0359cc3a9ccfeeef.tar.gz
1 files changed, 1 insertions, 2 deletions
diff --git a/git-gui/lib/tools.tcl b/git-gui/lib/tools.tcl
index b86f72ed16..48fddfd814 100644
--- a/git-gui/lib/tools.tcl
+++ b/git-gui/lib/tools.tcl
@@ -130,8 +130,7 @@ proc tools_exec {fullname} {
 }
 
 proc tools_run_silent {cmd after} {
-	lappend cmd 2>@1
-	set fd [_open_stdout_stderr $cmd]
+	set fd [safe_open_command $cmd [list 2>@1]]
 
 	fconfigure $fd -blocking 0 -translation binary
 	fileevent $fd readable [list tools_consume_input $fd $after]
author	Johannes Sixt <j6t@kdbg.org>	2025-05-20 08:56:09 +0200
committer	Taylor Blau <me@ttaylorr.com>	2025-05-23 17:04:31 -0400
commit	311d9ada3a7c2c49669d656a0359cc3a9ccfeeef (patch)
tree	2a415d4e14344093eda9d6e2a0daa026ae564989 /git-gui/lib/tools.tcl
parent	a7d1716fa648f6557ea9c91e0f04bae2e8738e6a (diff)
parent	a437f5bc93330a70b42a230e52f3bd036ca1b1da (diff)
download	git-311d9ada3a7c2c49669d656a0359cc3a9ccfeeef.tar.gz