From: merlyn@stonehenge.com (Randal L. Schwartz)
To: "Alex Riesen" <raa.lkml@gmail.com>
Cc: "Johannes Schindelin" <Johannes.Schindelin@gmx.de>,
git@vger.kernel.org, junkio@cox.net
Subject: Re: [PATCH] Convert open("-|") to qx{} calls
Date: 23 Feb 2006 08:07:34 -0800 [thread overview]
Message-ID: <86hd6qgit5.fsf@blue.stonehenge.com> (raw)
In-Reply-To: <81b0412b0602230738s3445bd86h2d1d670e0ef5daed@mail.gmail.com>
>>>>> "Alex" == Alex Riesen <raa.lkml@gmail.com> writes:
Alex> Is $tmpname safe?
>> - my $sha = <$F>;
>> + my $sha = qx{git-hash-object -w $name};
>> + !$? or exit $?;
Alex> Is $name safe?
>> - while(<$f>) {
>> + foreach (qx{git-ls-tree -r -z $gitrev $srcpath}) {
>> chomp;
Alex> Is $srcpath safe?
>> - while(<$F>) {
>> + foreach (qx{git-ls-files -z @o1}) {
Alex> @o1 must contain filenames. Can be dangerous
Convert all of these to use "safe_qx" (perl 5.6 compatible):
sub safe_qx {
defined (my $pid = open my $kid, "-|") or die "Cannot fork: $!";
unless ($pid) { # child does:
exec @_;
die "Cannot exec @_: $!";
}
my $result = do { local $/; <$kid> };
close $kid; # sets $?
return $result;
}
my $result = safe_qx('some shell command');
my $other_result = safe_qx('git-ls-tree', '-r', '-z', $gitrev, $srcpath);
Args are safe, as if being passed to system/exec, so a single arg
can be a shell command, multiargs are passed arg-by-arg to a single
exec target. $? is set correctly.
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
next prev parent reply other threads:[~2006-02-23 16:07 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-02-23 14:33 [PATCH] Convert open("-|") to qx{} calls Johannes Schindelin
2006-02-23 15:38 ` Alex Riesen
2006-02-23 16:07 ` Randal L. Schwartz [this message]
2006-02-23 17:53 ` Junio C Hamano
2006-02-23 18:42 ` Randal L. Schwartz
2006-02-23 19:41 ` Johannes Schindelin
2006-02-23 20:41 ` Randal L. Schwartz
2006-02-23 21:14 ` Alex Riesen
2006-02-23 21:15 ` Randal L. Schwartz
2006-02-24 5:19 ` Rogan Dawes
2006-02-24 13:27 ` Alex Riesen
2006-02-24 14:29 ` Rogan Dawes
2006-02-24 15:25 ` Alex Riesen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86hd6qgit5.fsf@blue.stonehenge.com \
--to=merlyn@stonehenge.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=junkio@cox.net \
--cc=raa.lkml@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).