Fixed shell expansion/word splitting and injection vulns

The `exec` call in `git.coffee` will be replaced soon but this fixes the issues for now. Closes #23.
2024-11-26 20:04:47 +01:00 · 2018-01-22 23:48:43 +08:00 · 2018-01-22 23:48:43 +08:00 · bff9d42b60
commit bff9d42b60
parent 3f18c3d709
4 changed files with 14 additions and 13 deletions
--- a/package.json
+++ b/package.json
@ -26,6 +26,7 @@
    "url": "https://github.com/notatestuser/gift.git"
  },
  "dependencies": {
+    "flex-exec": "^1.0.0",
    "underscore": "^1.8.3"
  },
  "devDependencies": {
--- a/src/index.coffee
+++ b/src/index.coffee
@ -1,5 +1,5 @@
-{exec} = require 'child_process'
-Repo   = require './repo'
+exec = require 'flex-exec'
+Repo = require './repo'

 # Public: Create a Repo from the given path.
 #
@ -20,13 +20,13 @@ Git.maxBuffer = 5000 * 1024
 Git.init = (path, bare, callback) ->
  [bare, callback] = [callback, bare] if !callback
  if bare
-    bash = "git init --bare ."
+    bash = ["git", "init", "--bare", "."]
  else
-    bash = "git init ."
+    bash = ["git", "init", "."]
  exec bash, {cwd: path}
  , (err, stdout, stderr) ->
-    return callback err if err
-    return callback err, (new Repo path, bare, { maxBuffer: Git.maxBuffer })
+    return callback err if err instanceof Error
+    return callback null, (new Repo path, bare, { maxBuffer: Git.maxBuffer })

 # Public: Clone a git repository.
 #
@ -42,13 +42,13 @@ Git.clone = (repository, path, depth = 0, branch = null, callback) ->
  if typeof depth is 'function'
    callback = depth
    depth = 0
-  bash = "git clone \"#{repository}\" \"#{path}\""
+  bash = ["git", "clone", repository, path]

  if branch isnt null and typeof branch is 'string'
-    bash += " --branch \"#{branch}\""
+    bash.push("--branch", branch)
  if depth isnt 0 and typeof depth is 'number'
-    bash += " --depth \"#{depth}\""
+    bash.push("--depth", depth)

  exec bash, (err, stdout, stderr) ->
-    return callback err if err
-    return callback err, (new Repo path, false, { maxBuffer: Git.maxBuffer })
+    return callback err if err instanceof Error
+    return callback null, (new Repo path, false, { maxBuffer: Git.maxBuffer })
--- a/test/index.test.coffee
+++ b/test/index.test.coffee
@ -2,7 +2,7 @@ should = require 'should'
 git    = require '../src'
 Repo   = require '../src/repo'
 fs     = require "fs"
-{exec} = require 'child_process'
+exec   = require 'flex-exec'

 describe "git", ->
  describe "()", ->
--- a/test/repo.test.coffee
+++ b/test/repo.test.coffee
@ -12,7 +12,7 @@ Tag      = require '../src/tag'
 Status   = require '../src/status'

 {Ref, Head} = require '../src/ref'
-{exec}      = require 'child_process'
+exec        = require 'flex-exec'

 describe "Repo", ->