mirror of
https://github.com/go-gitea/gitea
synced 2025-07-23 10:48:37 +00:00
Refactor git command arguments and make all arguments to be safe to be used (#21535)
Follow #21464 Make all git command arguments strictly safe. Most changes are one-to-one replacing, keep all existing logic.
This commit is contained in:
@@ -24,7 +24,7 @@ import (
|
||||
)
|
||||
|
||||
// GitFsck calls 'git fsck' to check repository health.
|
||||
func GitFsck(ctx context.Context, timeout time.Duration, args []string) error {
|
||||
func GitFsck(ctx context.Context, timeout time.Duration, args []git.CmdArg) error {
|
||||
log.Trace("Doing: GitFsck")
|
||||
|
||||
if err := db.Iterate(
|
||||
@@ -58,9 +58,9 @@ func GitFsck(ctx context.Context, timeout time.Duration, args []string) error {
|
||||
}
|
||||
|
||||
// GitGcRepos calls 'git gc' to remove unnecessary files and optimize the local repository
|
||||
func GitGcRepos(ctx context.Context, timeout time.Duration, args ...string) error {
|
||||
func GitGcRepos(ctx context.Context, timeout time.Duration, args ...git.CmdArg) error {
|
||||
log.Trace("Doing: GitGcRepos")
|
||||
args = append([]string{"gc"}, args...)
|
||||
args = append([]git.CmdArg{"gc"}, args...)
|
||||
|
||||
if err := db.Iterate(
|
||||
ctx,
|
||||
|
@@ -139,7 +139,7 @@ func ApplyDiffPatch(ctx context.Context, repo *repo_model.Repository, doer *user
|
||||
stdout := &strings.Builder{}
|
||||
stderr := &strings.Builder{}
|
||||
|
||||
args := []string{"apply", "--index", "--recount", "--cached", "--ignore-whitespace", "--whitespace=fix", "--binary"}
|
||||
args := []git.CmdArg{"apply", "--index", "--recount", "--cached", "--ignore-whitespace", "--whitespace=fix", "--binary"}
|
||||
|
||||
if git.CheckGitVersionAtLeast("2.32") == nil {
|
||||
args = append(args, "-3")
|
||||
|
@@ -53,7 +53,7 @@ func (t *TemporaryUploadRepository) Close() {
|
||||
|
||||
// Clone the base repository to our path and set branch as the HEAD
|
||||
func (t *TemporaryUploadRepository) Clone(branch string) error {
|
||||
if _, _, err := git.NewCommand(t.ctx, "clone", "-s", "--bare", "-b", branch, t.repo.RepoPath(), t.basePath).RunStdString(nil); err != nil {
|
||||
if _, _, err := git.NewCommand(t.ctx, "clone", "-s", "--bare", "-b").AddDynamicArguments(branch, t.repo.RepoPath(), t.basePath).RunStdString(nil); err != nil {
|
||||
stderr := err.Error()
|
||||
if matched, _ := regexp.MatchString(".*Remote branch .* not found in upstream origin.*", stderr); matched {
|
||||
return git.ErrBranchNotExist{
|
||||
@@ -104,14 +104,7 @@ func (t *TemporaryUploadRepository) LsFiles(filenames ...string) ([]string, erro
|
||||
stdOut := new(bytes.Buffer)
|
||||
stdErr := new(bytes.Buffer)
|
||||
|
||||
cmdArgs := []string{"ls-files", "-z", "--"}
|
||||
for _, arg := range filenames {
|
||||
if arg != "" {
|
||||
cmdArgs = append(cmdArgs, arg)
|
||||
}
|
||||
}
|
||||
|
||||
if err := git.NewCommand(t.ctx, cmdArgs...).
|
||||
if err := git.NewCommand(t.ctx, "ls-files", "-z").AddDashesAndList(filenames...).
|
||||
Run(&git.RunOpts{
|
||||
Dir: t.basePath,
|
||||
Stdout: stdOut,
|
||||
@@ -177,7 +170,7 @@ func (t *TemporaryUploadRepository) HashObject(content io.Reader) (string, error
|
||||
|
||||
// AddObjectToIndex adds the provided object hash to the index with the provided mode and path
|
||||
func (t *TemporaryUploadRepository) AddObjectToIndex(mode, objectHash, objectPath string) error {
|
||||
if _, _, err := git.NewCommand(t.ctx, "update-index", "--add", "--replace", "--cacheinfo", mode, objectHash, objectPath).RunStdString(&git.RunOpts{Dir: t.basePath}); err != nil {
|
||||
if _, _, err := git.NewCommand(t.ctx, "update-index", "--add", "--replace", "--cacheinfo").AddDynamicArguments(mode, objectHash, objectPath).RunStdString(&git.RunOpts{Dir: t.basePath}); err != nil {
|
||||
stderr := err.Error()
|
||||
if matched, _ := regexp.MatchString(".*Invalid path '.*", stderr); matched {
|
||||
return models.ErrFilePathInvalid{
|
||||
@@ -211,7 +204,7 @@ func (t *TemporaryUploadRepository) GetLastCommitByRef(ref string) (string, erro
|
||||
if ref == "" {
|
||||
ref = "HEAD"
|
||||
}
|
||||
stdout, _, err := git.NewCommand(t.ctx, "rev-parse", ref).RunStdString(&git.RunOpts{Dir: t.basePath})
|
||||
stdout, _, err := git.NewCommand(t.ctx, "rev-parse").AddDynamicArguments(ref).RunStdString(&git.RunOpts{Dir: t.basePath})
|
||||
if err != nil {
|
||||
log.Error("Unable to get last ref for %s in temporary repo: %s(%s): Error: %v", ref, t.repo.FullName(), t.basePath, err)
|
||||
return "", fmt.Errorf("Unable to rev-parse %s in temporary repo for: %s Error: %v", ref, t.repo.FullName(), err)
|
||||
@@ -241,11 +234,11 @@ func (t *TemporaryUploadRepository) CommitTreeWithDate(parent string, author, co
|
||||
_, _ = messageBytes.WriteString(message)
|
||||
_, _ = messageBytes.WriteString("\n")
|
||||
|
||||
var args []string
|
||||
var args []git.CmdArg
|
||||
if parent != "" {
|
||||
args = []string{"commit-tree", treeHash, "-p", parent}
|
||||
args = []git.CmdArg{"commit-tree", git.CmdArgCheck(treeHash), "-p", git.CmdArgCheck(parent)}
|
||||
} else {
|
||||
args = []string{"commit-tree", treeHash}
|
||||
args = []git.CmdArg{"commit-tree", git.CmdArgCheck(treeHash)}
|
||||
}
|
||||
|
||||
var sign bool
|
||||
@@ -257,7 +250,7 @@ func (t *TemporaryUploadRepository) CommitTreeWithDate(parent string, author, co
|
||||
sign, keyID, signer, _ = asymkey_service.SignInitialCommit(t.ctx, t.repo.RepoPath(), author)
|
||||
}
|
||||
if sign {
|
||||
args = append(args, "-S"+keyID)
|
||||
args = append(args, git.CmdArg("-S"+keyID))
|
||||
if t.repo.GetTrustModel() == repo_model.CommitterTrustModel || t.repo.GetTrustModel() == repo_model.CollaboratorCommitterTrustModel {
|
||||
if committerSig.Name != authorSig.Name || committerSig.Email != authorSig.Email {
|
||||
// Add trailers
|
||||
|
@@ -370,7 +370,7 @@ func CreateOrUpdateRepoFile(ctx context.Context, repo *repo_model.Repository, do
|
||||
if setting.LFS.StartServer && hasOldBranch {
|
||||
// Check there is no way this can return multiple infos
|
||||
filename2attribute2info, err := t.gitRepo.CheckAttribute(git.CheckAttributeOpts{
|
||||
Attributes: []string{"filter"},
|
||||
Attributes: []git.CmdArg{"filter"},
|
||||
Filenames: []string{treePath},
|
||||
CachedOnly: true,
|
||||
})
|
||||
|
@@ -96,7 +96,7 @@ func UploadRepoFiles(ctx context.Context, repo *repo_model.Repository, doer *use
|
||||
var filename2attribute2info map[string]map[string]string
|
||||
if setting.LFS.StartServer {
|
||||
filename2attribute2info, err = t.gitRepo.CheckAttribute(git.CheckAttributeOpts{
|
||||
Attributes: []string{"filter"},
|
||||
Attributes: []git.CmdArg{"filter"},
|
||||
Filenames: names,
|
||||
CachedOnly: true,
|
||||
})
|
||||
|
@@ -130,7 +130,7 @@ func ForkRepository(ctx context.Context, doer, owner *user_model.User, opts Fork
|
||||
|
||||
repoPath := repo_model.RepoPath(owner.Name, repo.Name)
|
||||
if stdout, _, err := git.NewCommand(txCtx,
|
||||
"clone", "--bare", oldRepoPath, repoPath).
|
||||
"clone", "--bare").AddDynamicArguments(oldRepoPath, repoPath).
|
||||
SetDescription(fmt.Sprintf("ForkRepository(git clone): %s to %s", opts.BaseRepo.FullName(), repo.FullName())).
|
||||
RunStdBytes(&git.RunOpts{Timeout: 10 * time.Minute}); err != nil {
|
||||
log.Error("Fork Repository (git clone) Failed for %v (from %v):\nStdout: %s\nError: %v", repo, opts.BaseRepo, stdout, err)
|
||||
|
Reference in New Issue
Block a user