From bff9d42b608214259a10996cc747dde2946d0c49 Mon Sep 17 00:00:00 2001
From: Luke Plaster
Date: Mon, 22 Jan 2018 23:48:43 +0800
Subject: [PATCH] Fixed shell expansion/word splitting and injection vulns

The `exec` call in `git.coffee` will be replaced soon but this fixes the issues for now.

Closes #23.
---
 package.json | 1 +
 src/index.coffee | 22 +++++++++++-----------
 test/index.test.coffee | 2 +-
 test/repo.test.coffee | 2 +-
 4 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/package.json b/package.json
index 3a55c2a..8b42a0b 100644
--- a/package.json
+++ b/package.json
@@ -26,6 +26,7 @@
     "url": "https://github.com/notatestuser/gift.git"
   },
   "dependencies": {
+    "flex-exec": "^1.0.0",
     "underscore": "^1.8.3"
   },
   "devDependencies": {
diff --git a/src/index.coffee b/src/index.coffee
index 816f375..e7954a2 100644
--- a/src/index.coffee
+++ b/src/index.coffee
@@ -1,5 +1,5 @@
-{exec} = require 'child_process'
-Repo = require './repo'
+exec = require 'flex-exec'
+Repo = require './repo'
 # Public: Create a Repo from the given path.
 #
@@ -20,13 +20,13 @@ Git.maxBuffer = 5000 * 1024
 Git.init = (path, bare, callback) ->
   [bare, callback] = [callback, bare] if !callback
   if bare
-    bash = "git init --bare ."
+    bash = ["git", "init", "--bare", "."]
   else
-    bash = "git init ."
+    bash = ["git", "init", "."]
   exec bash, {cwd: path} , (err, stdout, stderr) ->
-    return callback err if err
-    return callback err, (new Repo path, bare, { maxBuffer: Git.maxBuffer })
+    return callback err if err instanceof Error
+    return callback null, (new Repo path, bare, { maxBuffer: Git.maxBuffer })
 # Public: Clone a git repository.
 #
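Review bot: `return callback err if err instanceof Error` in the Git.init exec callback lets any non-Error failure value fall through to the success path, so a caller would get `null` plus a Repo for a directory where `git init` did not complete; the Git.clone hunk further down has the same narrowed check. Whether that can happen depends on what flex-exec passes as the first callback argument, which the patch does not document at either call site. If the narrowing is deliberate, state the contract next to the check, e.g. `# flex-exec reports failures as Error instances; anything else is treated as success`; if it is not, the check should reject every non-null `err` as the replaced code did. Git.init appears to be contained entirely within this hunk.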
@@ -42,13 +42,13 @@ Git.clone = (repository, path, depth = 0, branch = null, callback) ->
   if typeof depth is 'function'
     callback = depth
     depth = 0
-  bash = "git clone \"#{repository}\" \"#{path}\""
+  bash = ["git", "clone", repository, path]
   if branch isnt null and typeof branch is 'string'
-    bash += " --branch \"#{branch}\""
+    bash.push("--branch", branch)
   if depth isnt 0 and typeof depth is 'number'
-    bash += " --depth \"#{depth}\""
+    bash.push("--depth", depth)
   exec bash, (err, stdout, stderr) ->
-    return callback err if err
-    return callback err, (new Repo path, false, { maxBuffer: Git.maxBuffer })
+    return callback err if err instanceof Error
+    return callback null, (new Repo path, false, { maxBuffer: Git.maxBuffer })
diff --git a/test/index.test.coffee b/test/index.test.coffee
index 6fb62e1..541e4f7 100644
--- a/test/index.test.coffee
+++ b/test/index.test.coffee
@@ -2,7 +2,7 @@ should = require 'should'
 git = require '../src'
 Repo = require '../src/repo'
 fs = require "fs"
-{exec} = require 'child_process'
+exec = require 'flex-exec'
 describe "git", ->
   describe "()", ->
diff --git a/test/repo.test.coffee b/test/repo.test.coffee
index 6d7b9f7..2a80f57 100644
--- a/test/repo.test.coffee
+++ b/test/repo.test.coffee
@@ -12,7 +12,7 @@ Tag = require '../src/tag'
 Status = require '../src/status'
 {Ref, Head} = require '../src/ref'
-{exec} = require 'child_process'
+exec = require 'flex-exec'
 describe "Repo", ->
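Review bot: The argv built for `git clone` still places `repository` and `path` before any `--` separator, so a caller-supplied value that begins with `-` is interpreted by git as an option rather than a URL or directory, which leaves part of the argument-injection surface this commit sets out to close. Moving the positionals after the options and terminating option parsing with `--` removes that ambiguity; while there, `bash.push("--depth", depth)` pushes a number into an argv array whose elements are expected to be strings, and whether it is stringified is left to flex-exec and the Node version, so `String(depth)` is the safer form. Git.clone's signature is outside this hunk (only visible in the hunk header), so the rewrite below covers just the array construction.
```coffeescript
  bash = ["git", "clone"]
  if branch isnt null and typeof branch is 'string'
    bash.push("--branch", branch)
  if depth isnt 0 and typeof depth is 'number'
    bash.push("--depth", String(depth))
  # `--` ends option parsing so repository and path are always positional
  bash.push("--", repository, path)
  # … unchanged: exec call and callback …
```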