nune/gitea
nune/gitea
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Refactor git command arguments and make all arguments to be safe to be used (#21535)

Browse source 
Follow #21464

Make all git command arguments strictly safe. Most changes are one-to-one replacing, keep all existing logic.
This commit is contained in:
wxiaoguang 2022-10-23 22:44:45 +08:00 committed by GitHub
parent 4eeea7b30e
commit dcd9fc7ee8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
71 changed files with 425 additions and 391 deletions
Download patch file Download diff file Expand all files Collapse all files

4
routers/private/hook_verification.go
View file

@ -44,7 +44,7 @@ func verifyCommits(oldCommitID, newCommitID string, repo *git.Repository, env []
}()
// This is safe as force pushes are already forbidden
err = git.NewCommand(repo.Ctx, "rev-list", oldCommitID+"..."+newCommitID).
err = git.NewCommand(repo.Ctx, "rev-list").AddDynamicArguments(oldCommitID + "..." + newCommitID).
Run(&git.RunOpts{
Env: env,
Dir: repo.Path,
@ -91,7 +91,7 @@ func readAndVerifyCommit(sha string, repo *git.Repository, env []string) error {
}()
hash := git.MustIDFromString(sha)
return git.NewCommand(repo.Ctx, "cat-file", "commit", sha).
return git.NewCommand(repo.Ctx, "cat-file", "commit").AddDynamicArguments(sha).
Run(&git.RunOpts{
Env: env,
Dir: repo.Path,