diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-05-13 02:08:00 -0700 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-05-13 02:08:00 -0700 |
| commit | 0a4a6f5921b256feabc2a1c95db2346254914efc (patch) | |
| tree | e6c25657d5aa0653794422413e8a87461a2708ec /lib | |
| parent | d3ca12a1433ca518c3a71b2e768bc07666242d18 (diff) | |
| parent | ba21546a583750b0390f3ac19a6c0eda79a44bed (diff) | |
| download | gitlab-ce-0a4a6f5921b256feabc2a1c95db2346254914efc.tar.gz | |
Merge pull request #3918 from joeandaverde/unsanitized
System calls to gitlab-shell were using unsanitized user input
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gitlab/backend/shell.rb | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/lib/gitlab/backend/shell.rb b/lib/gitlab/backend/shell.rb index 2c3ea902d93..991648f3f79 100644 --- a/lib/gitlab/backend/shell.rb +++ b/lib/gitlab/backend/shell.rb @@ -10,7 +10,7 @@ module Gitlab # add_repository("gitlab/gitlab-ci") # def add_repository(name) - system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects add-project #{name}.git") + system "#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects", "add-project", "#{name}.git" end # Import repository @@ -21,7 +21,7 @@ module Gitlab # import_repository("gitlab/gitlab-ci", "https://github.com/randx/six.git") # def import_repository(name, url) - system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects import-project #{name}.git #{url}") + system "#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects", "import-project", "#{name}.git", url end # Move repository @@ -33,7 +33,7 @@ module Gitlab # mv_repository("gitlab/gitlab-ci", "randx/gitlab-ci-new.git") # def mv_repository(path, new_path) - system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects mv-project #{path}.git #{new_path}.git") + system "#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects", "mv-project", "#{path}.git", "#{new_path}.git" end # Fork repository to new namespace @@ -45,7 +45,7 @@ module Gitlab # fork_repository("gitlab/gitlab-ci", "randx") # def fork_repository(path, fork_namespace) - system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects fork-project #{path}.git #{fork_namespace}") + system "#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects", "fork-project", "#{path}.git", fork_namespace end # Remove repository from file system @@ -56,7 +56,7 @@ module Gitlab # remove_repository("gitlab/gitlab-ci") # def remove_repository(name) - system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects rm-project #{name}.git") + system "#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects", "rm-project", "#{name}.git" end # Add new key to gitlab-shell @@ -65,7 +65,7 @@ module Gitlab # add_key("key-42", "sha-rsa ...") # def add_key(key_id, key_content) - system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-keys add-key #{key_id} \"#{key_content}\"") + system "#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-keys", "add-key", key_id, key_content end # Remove ssh key from gitlab shell @@ -74,7 +74,7 @@ module Gitlab # remove_key("key-342", "sha-rsa ...") # def remove_key(key_id, key_content) - system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-keys rm-key #{key_id} \"#{key_content}\"") + system "#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-keys", "rm-key", key_id, key_content end # Add empty directory for storing repositories |