1
0
Fork 0

Avoid escaping too early to prevent issues

pull/529/head
Jordi Boggiano 2012-04-04 17:11:50 +02:00
parent 13a2bc6ff0
commit a3fa19a716
2 changed files with 6 additions and 8 deletions

View File

@ -25,12 +25,12 @@ class GitDownloader extends VcsDownloader
*/ */
public function doDownload(PackageInterface $package, $path) public function doDownload(PackageInterface $package, $path)
{ {
$ref = escapeshellarg($package->getSourceReference()); $ref = $package->getSourceReference();
$command = 'git clone %s %s && cd %2$s && git checkout %3$s && git reset --hard %3$s'; $command = 'git clone %s %s && cd %2$s && git checkout %3$s && git reset --hard %3$s';
$this->io->write(" Cloning ".$package->getSourceReference()); $this->io->write(" Cloning ".$package->getSourceReference());
$commandCallable = function($url) use ($ref, $path, $command) { $commandCallable = function($url) use ($ref, $path, $command) {
return sprintf($command, $url, escapeshellarg($path), $ref); return sprintf($command, escapeshellarg($url), escapeshellarg($path), escapeshellarg($ref));
}; };
$this->runCommand($commandCallable, $package->getSourceUrl(), $path); $this->runCommand($commandCallable, $package->getSourceUrl(), $path);
@ -42,13 +42,12 @@ class GitDownloader extends VcsDownloader
*/ */
public function doUpdate(PackageInterface $initial, PackageInterface $target, $path) public function doUpdate(PackageInterface $initial, PackageInterface $target, $path)
{ {
$ref = escapeshellarg($target->getSourceReference()); $ref = $target->getSourceReference();
$path = escapeshellarg($path);
$this->io->write(" Checking out ".$target->getSourceReference()); $this->io->write(" Checking out ".$target->getSourceReference());
$command = 'cd %s && git remote set-url origin %s && git fetch origin && git fetch --tags origin && git checkout %3$s && git reset --hard %3$s'; $command = 'cd %s && git remote set-url origin %s && git fetch origin && git fetch --tags origin && git checkout %3$s && git reset --hard %3$s';
$commandCallable = function($url) use ($ref, $path, $command) { $commandCallable = function($url) use ($ref, $path, $command) {
return sprintf($command, $path, $url, $ref); return sprintf($command, escapeshellarg($path), escapeshellarg($url), escapeshellarg($ref));
}; };
$this->runCommand($commandCallable, $target->getSourceUrl()); $this->runCommand($commandCallable, $target->getSourceUrl());
@ -86,7 +85,7 @@ class GitDownloader extends VcsDownloader
if (preg_match('{^(?:https?|git)(://github.com/.*)}', $url, $match)) { if (preg_match('{^(?:https?|git)(://github.com/.*)}', $url, $match)) {
$protocols = array('git', 'https', 'http'); $protocols = array('git', 'https', 'http');
foreach ($protocols as $protocol) { foreach ($protocols as $protocol) {
$url = escapeshellarg($protocol . $match[1]); $url = $protocol . $match[1];
if (0 === $this->process->execute(call_user_func($commandCallable, $url), $handler)) { if (0 === $this->process->execute(call_user_func($commandCallable, $url), $handler)) {
return; return;
} }
@ -97,7 +96,6 @@ class GitDownloader extends VcsDownloader
throw new \RuntimeException('Failed to checkout ' . $url .' via git, https and http protocols, aborting.' . "\n\n" . $this->process->getErrorOutput()); throw new \RuntimeException('Failed to checkout ' . $url .' via git, https and http protocols, aborting.' . "\n\n" . $this->process->getErrorOutput());
} }
$url = escapeshellarg($url);
$command = call_user_func($commandCallable, $url); $command = call_user_func($commandCallable, $url);
if (0 !== $this->process->execute($command, $handler)) { if (0 !== $this->process->execute($command, $handler)) {
throw new \RuntimeException('Failed to execute ' . $command . "\n\n" . $this->process->getErrorOutput()); throw new \RuntimeException('Failed to execute ' . $command . "\n\n" . $this->process->getErrorOutput());

View File

@ -92,7 +92,7 @@ class GitDownloaderTest extends \PHPUnit_Framework_TestCase
$expectedGitCommand = $this->getCmd("git remote set-url --push origin 'git@github.com:composer/composer.git'"); $expectedGitCommand = $this->getCmd("git remote set-url --push origin 'git@github.com:composer/composer.git'");
$processExecutor->expects($this->at(3)) $processExecutor->expects($this->at(3))
->method('execute') ->method('execute')
->with($this->equalTo($expectedGitCommand)) ->with($this->equalTo($expectedGitCommand), $this->equalTo(null), $this->equalTo('composerPath'))
->will($this->returnValue(0)); ->will($this->returnValue(0));
$downloader = $this->getDownloaderMock(null, $processExecutor); $downloader = $this->getDownloaderMock(null, $processExecutor);