1
0
Fork 0

Add test for password escaping

pull/5463/head
Jordi Boggiano 2016-06-21 11:01:09 +01:00
parent dbc7629bb2
commit 39c2c8c30a
2 changed files with 12 additions and 2 deletions

View File

@ -45,11 +45,11 @@ class ProcessExecutor
{
if ($this->io && $this->io->isDebug()) {
$safeCommand = preg_replace_callback('{(://)(?P<user>[^:/\s]+):(?P<password>[^@\s/]+)}i', function ($m) {
if (preg_match('{^[a-f0-9]{12,}$}', $m[2])) {
if (preg_match('{^[a-f0-9]{12,}$}', $m['user'])) {
return '://***:***';
}
return '://'.$m[2].':***';
return '://'.$m['user'].':***';
}, $command);
$this->io->writeError('Executing command ('.($cwd ?: 'CWD').'): '.$safeCommand);
}

View File

@ -14,6 +14,8 @@ namespace Composer\Test\Util;
use Composer\Util\ProcessExecutor;
use Composer\TestCase;
use Composer\IO\BufferIO;
use Symfony\Component\Console\Output\StreamOutput;
class ProcessExecutorTest extends TestCase
{
@ -48,6 +50,14 @@ class ProcessExecutorTest extends TestCase
ProcessExecutor::setTimeout(60);
}
public function testHidePasswords()
{
$process = new ProcessExecutor($buffer = new BufferIO('', StreamOutput::VERBOSITY_DEBUG));
$process->execute('echo https://foo:bar@example.org/ && echo http://foo@example.org && echo http://abcdef1234567890234578:x-oauth-token@github.com/', $output);
$this->assertEquals('Executing command (CWD): echo https://foo:***@example.org/ && echo http://foo@example.org && echo http://***:***@github.com/', trim($buffer->getOutput()));
}
public function testSplitLines()
{
$process = new ProcessExecutor;