From 026c397d911cde55924d7eb1311d0fd6e2e105d5 Mon Sep 17 00:00:00 2001 From: Johannes Sixt Date: Sun, 23 Mar 2025 22:45:39 +0100 Subject: [PATCH] gitk: sanitize 'open' arguments: command pipeline As in the earlier commits, introduce a function that constructs a pipeline of commands after sanitizing the arguments. Signed-off-by: Johannes Sixt Signed-off-by: Taylor Blau --- gitk | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/gitk b/gitk index 2e37ddea96..9bd226ec83 100755 --- a/gitk +++ b/gitk @@ -82,6 +82,17 @@ proc safe_open_command_redirect {cmd redir} { open |[concat $cmd $redir] r } +# opens a pipeline with several commands for reading +# cmds is a list of lists, each of which specifies a command and its arguments +# calls `open` and returns the file id +proc safe_open_pipeline {cmds} { + set cmd {} + foreach subcmd $cmds { + set cmd [concat $cmd | [make_arglist_safe $subcmd]] + } + open $cmd r +} + # End exec/open wrappers proc hasworktree {} { @@ -3970,14 +3981,14 @@ proc show_line_source {} { set blamefile [file join $cdup $flist_menu_file] if {$from_index ne {}} { set blameargs [list \ - | git cat-file blob $from_index \ - | git blame -p -L$line,+1 --contents - -- $blamefile] + [list git cat-file blob $from_index] \ + [list git blame -p -L$line,+1 --contents - -- $blamefile]] } else { set blameargs [list \ - | git blame -p -L$line,+1 $id -- $blamefile] + [list git blame -p -L$line,+1 $id -- $blamefile]] } if {[catch { - set f [open $blameargs r] + set f [safe_open_pipeline $blameargs] } err]} { error_popup [mc "Couldn't start git blame: %s" $err] return -- 2.47.2