upstream/kallithea Commit - r5182:0e2d450f

git: run external commands as list of strings so we really get correct quoting (Issue )...

Mads Kiilerich -

r5182:0e2d450f default

parent child

kallithea/controllers/compare.py

0 +3 -3

                         else:
                             so, se = org_repo.run_git_command(
-                                'log --reverse --pretty="format: %%H" -s %s..%s'
+                                ['log', '--reverse', '--pretty=format:%H',
-                                    % (org_rev, other_rev)
+                                 '-s', '%s..%s' % (org_rev, other_rev)]
                             )
                             other_changesets = [org_repo.get_changeset(cs)
                                           for cs in re.findall(r'[0-9a-fA-F]{40}', so)]
                             so, se = org_repo.run_git_command(
-                                'merge-base %s %s' % (org_rev, other_rev)
+                                ['merge-base', org_rev, other_rev]
                             )
                             ancestor = re.findall(r'[0-9a-fA-F]{40}', so)[0]
                         org_changesets = []

kallithea/lib/hooks.py

0 +7 -7

                                     repo._repo.refs.set_symbolic_ref('HEAD',
                                                         'refs/heads/%s' % push_ref['name'])
-                                cmd = "for-each-ref --format='%(refname)' 'refs/heads/*'"
+                                cmd = ['for-each-ref', '--format=%(refname)','refs/heads/*']
                                 heads = repo.run_git_command(cmd)[0]
+                                cmd = ['log', push_ref['new_rev'],
+                                       '--reverse', '--pretty=format:%H', '--not']
                                 heads = heads.replace(push_ref['ref'], '')
-                                heads = ' '.join(map(lambda c: c.strip('\n').strip(),
+                                for l in heads.splitlines():
-                                                     heads.splitlines()))
+                                    cmd.append(l.strip())
-                                cmd = (('log %(new_rev)s' % push_ref) +
-                                       ' --reverse --pretty=format:"%H" --not ' + heads)
                                 git_revs += repo.run_git_command(cmd)[0].splitlines()
                             elif push_ref['new_rev'] == EmptyChangeset().raw_id:
                                 #delete branch case
                                 git_revs += ['delete_branch=>%s' % push_ref['name']]
                             else:
-                                cmd = (('log %(old_rev)s..%(new_rev)s' % push_ref) +
+                                cmd = ['log', '%(old_rev)s..%(new_rev)s' % push_ref,
-                                       ' --reverse --pretty=format:"%H"')
+                                       '--reverse', '--pretty=format:%H']
                                 git_revs += repo.run_git_command(cmd)[0].splitlines()
                         elif _type == 'tags':

kallithea/lib/middleware/pygrack.py

0 +12 -17

@@ -82,13 +82,12 b' class GitRepository(object):'
82	server_advert = '# service=%s' % git_command	82	server_advert = '# service=%s' % git_command
83	packet_len = str(hex(len(server_advert) + 4)[2:].rjust(4, '0')).lower()	83	packet_len = str(hex(len(server_advert) + 4)[2:].rjust(4, '0')).lower()
84	_git_path = kallithea.CONFIG.get('git_path', 'git')	84	_git_path = kallithea.CONFIG.get('git_path', 'git')
		85	cmd = [_git_path, git_command[4:],
		86	'--stateless-rpc', '--advertise-refs', self.content_path]
		87	log.debug('handling cmd %s', cmd)
85	try:	88	try:
86	out = subprocessio.SubprocessIOChunker(	89	out = subprocessio.SubprocessIOChunker(cmd,
87	r'%s %s --stateless-rpc --advertise-refs "%s"' % (	90	starting_values=[packet_len + server_advert + '0000']
88	_git_path, git_command[4:], self.content_path),
89	starting_values=[
90	packet_len + server_advert + '0000'
91	]
92	)	91	)
93	except EnvironmentError, e:	92	except EnvironmentError, e:
94	log.error(traceback.format_exc())	93	log.error(traceback.format_exc())
@@ -118,21 +117,17 b' class GitRepository(object):'
118	else:	117	else:
119	inputstream = environ['wsgi.input']	118	inputstream = environ['wsgi.input']
120		119
		120	gitenv = dict(os.environ)
		121	# forget all configs
		122	gitenv['GIT_CONFIG_NOGLOBAL'] = '1'
		123	cmd = [_git_path, git_command[4:], '--stateless-rpc', self.content_path]
		124	log.debug('handling cmd %s', cmd)
121	try:	125	try:
122	gitenv = os.environ
123	# forget all configs
124	gitenv['GIT_CONFIG_NOGLOBAL'] = '1'
125	opts = dict(
126	env=gitenv,
127	cwd=self.content_path,
128	)
129	cmd = r'%s %s --stateless-rpc "%s"' % (_git_path, git_command[4:],
130	self.content_path),
131	log.debug('handling cmd %s' % cmd)
132	out = subprocessio.SubprocessIOChunker(	126	out = subprocessio.SubprocessIOChunker(
133	cmd,	127	cmd,
134	inputstream=inputstream,	128	inputstream=inputstream,
135	**~~opts~~	129	env=gitenv,
		130	cwd=self.content_path,
136	)	131	)
137	except EnvironmentError, e:	132	except EnvironmentError, e:
138	log.error(traceback.format_exc())	133	log.error(traceback.format_exc())

kallithea/lib/utils.py

0 +1 -1

                 if 'git' not in BACKENDS:
                     return None
-                stdout, stderr = GitRepository._run_git_command('--version', _bare=True,
+                stdout, stderr = GitRepository._run_git_command(['--version'], _bare=True,
                                                                 _safe=True)
                 m = re.search("\d+.\d+.\d+", stdout)

kallithea/lib/vcs/backends/git/changeset.py

0 +8 -8

                     """
                     rev_filter = settings.GIT_REV_FILTER
                     so, se = self.repository.run_git_command(
-                        "rev-list %s --children" % (rev_filter)
+                        ['rev-list', rev_filter, '--children']
                     )
                     children = []
                     f_path = safe_str(path)
                     if limit:
-                        cmd = 'log -n %s --pretty="format: %%H" -s %s -- "%s"' % (
+                        cmd = ['log', '-n', str(safe_int(limit, 0)),
-                                  safe_int(limit, 0), cs_id, f_path)
+                               '--pretty=format:%H', '-s', cs_id, '--', f_path]
                     else:
-                        cmd = 'log --pretty="format: %%H" -s %s -- "%s"' % (
+                        cmd = ['log',
-                                  cs_id, f_path)
+                               '--pretty=format:%H', '-s', cs_id, '--', f_path]
                     so, se = self.repository.run_git_command(cmd)
                     ids = re.findall(r'[0-9a-fA-F]{40}', so)
                     return [self.repository.get_changeset(sha) for sha in ids]
                     generally not good. Should be replaced with algorithm iterating
                     commits.
                     """
-                    cmd = 'blame -l --root -r %s -- "%s"' % (self.id, path)
+                    cmd = ['blame', '-l', '--root', '-r', self.id, '--', path]
                     # -l     ==> outputs long shas (and we need all 40 characters)
                     # --root ==> doesn't put '^' character for boundaries
                     # -r sha ==> blames for the given revision
                 def _diff_name_status(self):
                     output = []
                     for parent in self.parents:
-                        cmd = 'diff --name-status %s %s --encoding=utf8' % (parent.raw_id,
+                        cmd = ['diff', '--name-status', parent.raw_id, self.raw_id,
-                                                                            self.raw_id)
+                               '--encoding=utf8']
                         so, se = self.repository.run_git_command(cmd)
                         output.append(so.strip())
                     return '\n'.join(output)

kallithea/lib/vcs/backends/git/repository.py

0 +16 -43

             import logging
             import posixpath
             import string
-            import sys
-            if sys.platform == "win32":
-                from subprocess import list2cmdline
-                def quote(s):
-                    return list2cmdline([s])
-            else:
-                try:
-                    # Python <=2.7
-                    from pipes import quote
-                except ImportError:
-                    # Python 3.3+
-                    from shlex import quote
             from dulwich.objects import Tag
             from dulwich.repo import Repo, NotGitRepository
                         del opts['_safe']
                         safe_call = True
-                    _str_cmd = False
+                    assert isinstance(cmd, list), cmd
-                    if isinstance(cmd, basestring):
-                        cmd = [cmd]
-                        _str_cmd = True
                     gitenv = os.environ
                     # need to clean fix GIT_DIR !
                     _git_path = settings.GIT_EXECUTABLE_PATH
                     cmd = [_git_path] + _copts + cmd
-                    if _str_cmd:
-                        cmd = ' '.join(cmd)
                     try:
                         _opts = dict(
                             env=gitenv,
-                            shell=True,
+                            shell=False,
                         )
                         _opts.update(opts)
                         p = subprocessio.SubprocessIOChunker(cmd, **_opts)
                         return []
                     rev_filter = settings.GIT_REV_FILTER
-                    cmd = 'rev-list %s --reverse --date-order' % (rev_filter)
+                    cmd = ['rev-list', rev_filter, '--reverse', '--date-order']
                     try:
                         so, se = self.run_git_command(cmd)
                     except RepositoryError:
                     # %H at format means (full) commit hash, initial hashes are retrieved
                     # in ascending date order
-                    cmd_template = 'log --date-order --reverse --pretty=format:"%H"'
+                    cmd = ['log', '--date-order', '--reverse', '--pretty=format:%H']
-                    cmd_params = {}
                     if start_date:
-                        cmd_template += ' --since "$since"'
+                        cmd += ['--since', start_date.strftime('%m/%d/%y %H:%M:%S')]
-                        cmd_params['since'] = start_date.strftime('%m/%d/%y %H:%M:%S')
                     if end_date:
-                        cmd_template += ' --until "$until"'
+                        cmd += ['--until', end_date.strftime('%m/%d/%y %H:%M:%S')]
-                        cmd_params['until'] = end_date.strftime('%m/%d/%y %H:%M:%S')
                     if branch_name:
-                        cmd_template += ' $branch_name'
+                        cmd.append(branch_name)
-                        cmd_params['branch_name'] = branch_name
                     else:
-                        rev_filter = settings.GIT_REV_FILTER
+                        cmd.append(settings.GIT_REV_FILTER)
-                        cmd_template += ' %s' % (rev_filter)
-                    cmd = string.Template(cmd_template).safe_substitute(**cmd_params)
                     revs = self.run_git_command(cmd)[0].splitlines()
                     start_pos = 0
                     end_pos = len(revs)
                     if rev1 == self.EMPTY_CHANGESET:
                         rev2 = self.get_changeset(rev2).raw_id
-                        cmd = ' '.join(['show'] + flags + [rev2])
+                        cmd = ['show'] + flags + [rev2]
                     else:
                         rev1 = self.get_changeset(rev1).raw_id
                         rev2 = self.get_changeset(rev2).raw_id
-                        cmd = ' '.join(['diff'] + flags + [rev1, rev2])
+                        cmd = ['diff'] + flags + [rev1, rev2]
                     if path:
-                        cmd += ' -- "%s"' % path
+                        cmd += ['--', path]
                     stdout, stderr = self.run_git_command(cmd)
                     # TODO: don't ignore stderr
                         cmd.append('--bare')
                     elif not update_after_clone:
                         cmd.append('--no-checkout')
-                    cmd += ['--', quote(url), quote(self.path)]
+                    cmd += ['--', url, self.path]
-                    cmd = ' '.join(cmd)
                     # If error occurs run_git_command raises RepositoryError already
                     self.run_git_command(cmd)
                     Tries to pull changes from external location.
                     """
                     url = self._get_url(url)
-                    cmd = ['pull', "--ff-only", quote(url)]
+                    cmd = ['pull', '--ff-only', url]
-                    cmd = ' '.join(cmd)
                     # If error occurs run_git_command raises RepositoryError already
                     self.run_git_command(cmd)
                     Tries to pull changes from external location.
                     """
                     url = self._get_url(url)
-                    so, se = self.run_git_command('ls-remote -h %s' % quote(url))
+                    so, se = self.run_git_command(['ls-remote', '-h', url])
-                    refs = []
+                    cmd = ['fetch', url, '--']
                     for line in (x for x in so.splitlines()):
                         sha, ref = line.split('\t')
-                        refs.append(ref)
+                        cmd.append('+%s:%s' % (ref, ref))
-                    refs = ' '.join(('+%s:%s' % (r, r) for r in refs))
-                    cmd = '''fetch %s -- %s''' % (quote(url), refs)
                     self.run_git_command(cmd)
                 def _update_server_info(self):

kallithea/lib/vcs/subprocessio.py

0 +2 -4

                         input_streamer.start()
                         inputstream = input_streamer.output
-                    _shell = kwargs.get('shell', True)
+                    # Note: fragile cmd mangling has been removed for use in Kallithea
-                    if isinstance(cmd, (list, tuple)):
+                    assert isinstance(cmd, list), cmd
-                        cmd = ' '.join(cmd)
-                    kwargs['shell'] = _shell
                     _p = subprocess.Popen(cmd, bufsize=-1,
                                           stdin=inputstream,
                                           stdout=subprocess.PIPE,

kallithea/tests/vcs/test_git.py

0 +9 -9

                         'base')
                 def test_workdir_get_branch(self):
-                    self.repo.run_git_command('checkout -b production')
+                    self.repo.run_git_command(['checkout', '-b', 'production'])
                     # Regression test: one of following would fail if we don't check
                     # .git/HEAD file
-                    self.repo.run_git_command('checkout production')
+                    self.repo.run_git_command(['checkout', 'production'])
                     self.assertEqual(self.repo.workdir.get_branch(), 'production')
-                    self.repo.run_git_command('checkout master')
+                    self.repo.run_git_command(['checkout', 'master'])
                     self.assertEqual(self.repo.workdir.get_branch(), 'master')
                 def test_get_diff_runs_git_command_with_hashes(self):
                     self.repo.run_git_command = mock.Mock(return_value=['', ''])
                     self.repo.get_diff(0, 1)
                     self.repo.run_git_command.assert_called_once_with(
-                      'diff -U%s --full-index --binary -p -M --abbrev=40 %s %s' %
+                        ['diff', '-U3', '--full-index', '--binary', '-p', '-M', '--abbrev=40',
-                        (3, self.repo._get_revision(0), self.repo._get_revision(1)))
+                         self.repo._get_revision(0), self.repo._get_revision(1)])
                 def test_get_diff_runs_git_command_with_str_hashes(self):
                     self.repo.run_git_command = mock.Mock(return_value=['', ''])
                     self.repo.get_diff(self.repo.EMPTY_CHANGESET, 1)
                     self.repo.run_git_command.assert_called_once_with(
-                        'show -U%s --full-index --binary -p -M --abbrev=40 %s' %
+                        ['show', '-U3', '--full-index', '--binary', '-p', '-M', '--abbrev=40',
-                        (3, self.repo._get_revision(1)))
+                         self.repo._get_revision(1)])
                 def test_get_diff_runs_git_command_with_path_if_its_given(self):
                     self.repo.run_git_command = mock.Mock(return_value=['', ''])
                     self.repo.get_diff(0, 1, 'foo')
                     self.repo.run_git_command.assert_called_once_with(
-                      'diff -U%s --full-index --binary -p -M --abbrev=40 %s %s -- "foo"'
+                        ['diff', '-U3', '--full-index', '--binary', '-p', '-M', '--abbrev=40',
-                        % (3, self.repo._get_revision(0), self.repo._get_revision(1)))
+                         self.repo._get_revision(0), self.repo._get_revision(1), '--', 'foo'])
             class GitRegressionTest(_BackendTestMixin, unittest.TestCase):

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages