Re: [PATCH] git-cvsserver runs hooks/post-update

On 5 Dec 2007, at 5:59:12 AM, Junio C Hamano wrote:

+	### Then hooks/post-update
+	$hook = $ENV{GIT_DIR}.'hooks/post-update';
+	if (-x $hook) {
+		system($hook, "refs/heads/$state->{module}");
+	}
+
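Review bot: the result of `system($hook, "refs/heads/$state->{module}");` is discarded, so a hook that cannot be started or that exits non-zero goes unnoticed; check `$?` after the call and at least log a failure. The list form of system() is worth keeping, since it runs the hook without a shell. Two smaller points on the `$hook = $ENV{GIT_DIR}.'hooks/post-update';` line: the path is joined with no separator, so it only resolves when GIT_DIR ends in a slash, and `$hook` is assigned without `my`, so make sure it is declared earlier in the same scope.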

Firstly, I apologize for not getting this small patch done myself;
it's very hectic this time of year.

Secondly, I'd like to recall my unanswered question:

Also, I explicitly decided to pipe input into post-receive
by hand rather than relying on a system() call that someone
might exploit maliciously:

	### Emulate git-receive-pack by running hooks/post-receive
	my $hook = $ENV{GIT_DIR}.'hooks/post-receive';
	if( -x $hook ) {
		open(my $pipe, "| $hook") || die "can't fork $!";

		local $SIG{PIPE} = sub { die 'pipe broke' };

		print $pipe "$parenthash $commithash refs/heads/$state->{module}\n";

		close($pipe) || die "bad pipe: $! $?";
	}

Unfortunately, it turns out that open() with a pipe essentially
invokes system(); the solution is to fork a child process and
then to turn the child into the process with which communication
is desired via a call to exec().

Because the rest of git-cvsserver.perl uses explicit system()
calls, I have been wondering if I am being overly cautious.

Am I being overly cautious?
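
The fork-then-exec approach described in the message above, as an added example in Perl that is not part of the original message or of git-cvsserver. The helper name `run_hook_with_stdin`, the temporary directory name and the hash values are constructed for illustration; it generalizes slightly by also passing arguments, as a post-update hook expects.

```perl
use strict;
use warnings;
use File::Temp qw(tempdir);

# Write $input to the stdin of $hook (run with @args) without any shell:
# open(..., '|-') forks, and the child becomes the hook via list-form exec().
sub run_hook_with_stdin {
    my ($hook, $input, @args) = @_;
    return unless -x $hook;

    local $SIG{PIPE} = 'IGNORE';        # a hook that exits early must not kill us
    my $pid = open(my $pipe, '|-');     # implicit fork; child's STDIN is the pipe
    die "can't fork: $!" unless defined $pid;

    if ($pid == 0) {                    # child: never touches /bin/sh
        exec { $hook } $hook, @args
            or die "can't exec $hook: $!";
    }
    print {$pipe} $input;               # parent: feed the hook its input line
    close($pipe);                       # waits for the hook and sets $?
    return $?;
}

# Constructed demo: a throwaway hook under a directory whose name contains a
# space and a ';'. The string form "| $hook" would pass that path to the shell
# for parsing; the fork/exec form treats it as one literal path.
my $dir     = tempdir(CLEANUP => 1);
my $git_dir = "$dir/demo repo;x.git";
mkdir $git_dir           or die "mkdir: $!";
mkdir "$git_dir/hooks"   or die "mkdir: $!";
my $hook = "$git_dir/hooks/post-receive";
open(my $fh, '>', $hook) or die "write $hook: $!";
print {$fh} qq(#!/bin/sh\n{ echo "arg=\$1"; cat; } > "\$0.out"\n);
close($fh)               or die "close: $!";
chmod 0755, $hook        or die "chmod: $!";

# Constructed hashes standing in for $parenthash and $commithash.
my $line   = ('0' x 40) . ' ' . ('1' x 40) . " refs/heads/master\n";
my $status = run_hook_with_stdin($hook, $line, 'refs/heads/master');

open(my $in, '<', "$hook.out") or die "hook did not run: $!";
print "exit status $status\n", <$in>;
```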