From: Daniel P. Berrangé <berrange@redhat.com>
Date: Thu, 16 Oct 2025 09:23:27 +0000 (+0100)
Subject: scripts: use subprocess.run instead of os.system
X-Git-Tag: CVE-2025-12748~64
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=15c9ca383c2a814c61cc4ed16b4dad91221d8129;p=thirdparty%2Flibvirt.git

scripts: use subprocess.run instead of os.system

The subprocess.run command avoids using the shell and so is robust
should sys.argv contain any whitespace or unexpected shell meta
characters.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---

diff --git a/scripts/check-file-access.py b/scripts/check-file-access.py
index 2636eb4f96..71130d4dec 100755
--- a/scripts/check-file-access.py
+++ b/scripts/check-file-access.py
@@ -23,6 +23,7 @@
 
 import os
 import re
+import subprocess
 import sys
 import tempfile
 
@@ -36,11 +37,9 @@ permitted_file = os.path.join(abs_srcdir, 'permitted_file_access.txt')
 
 os.environ['VIR_TEST_FILE_ACCESS_OUTPUT'] = access_file
 
-test = ' '.join(sys.argv[1:])
+proc = subprocess.run(sys.argv[1:])
 
-ret = os.system(test)
-
-if ret != 0 or os.read(access_fd, 10) == b'':
+if proc.returncode != 0 or os.read(access_fd, 10) == b'':
     os.close(access_fd)
     os.remove(access_file)
     sys.exit(ret)