Mirrors/Munin-Contrib
1
0
Fork 0
mirror of https://github.com/munin-monitoring/contrib.git synced 2025-07-22 14:16:00 +00:00
Code Issues Releases Wiki Activity

Improved shell command generation to protect the injected configuration values

Browse source
This commit is contained in:
Neraud 2018-08-03 15:55:39 +02:00
parent e0b243ba93
commit c169373f21
1 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

7
plugins/git/git_commit_behind
View file

@ -104,6 +104,7 @@ import os
from pathlib import Path from pathlib import Path
from random import randint from random import randint
import re import re
from shlex import quote
from subprocess import check_output, call, DEVNULL, CalledProcessError from subprocess import check_output, call, DEVNULL, CalledProcessError
import sys import sys
import time import time
@ -158,10 +159,12 @@ def print_config():
def generate_git_command(repo_conf, git_command): def generate_git_command(repo_conf, git_command):
if not repo_conf['user'] or repo_conf['user'] == os.environ['USER']: if not repo_conf['user'] or repo_conf['user'] == os.environ['USER']:
cmd = [conf['git_path']] + git_command cmd = [quote(conf['git_path'])] + git_command
else: else:
shell_cmd = 'cd %s ; %s %s' % ( shell_cmd = 'cd %s ; %s %s' % (
repo_conf['path'], conf['git_path'], ' '.join(git_command)) quote(repo_conf['path']),
quote(conf['git_path']),
' '.join(git_command))
cmd = ['su', '-', repo_conf['user'], '-c', shell_cmd] cmd = ['su', '-', repo_conf['user'], '-c', shell_cmd]
return cmd return cmd