[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn system() replacement ?

From: Philip Martin <philip_at_codematters.co.uk>
Date: 2002-01-28 11:41:34 CET

Daniel Stenberg <daniel@haxx.se> writes:

> Right, I wasn't verbose enough. More tests show that this fails because of
> two different reasons that I need to address:
>
> 1. svn_io_run_cmd() doesn't find editors I have in my path, I must specify
> the editor with full path, which breaks the "normal" $EDITOR behavior.
>
> 2. svn_io_run_cmd() doesn't seem to pass on the environment to the child
> process in the same style system() does, which makes emacs fail to start
> with this error message: "Please set the environment variable TERM; see
> tset(1).". It makes no difference if I set TERM to vt100 or xterm before
> invoking 'svn ci', and not even 'emacs -nw' works as it says the same.
> (setting EDITOR to "/bin/vi" works though, it doesn't seem as picky).
>
> Problem 1 could possibly be fixed by scanning the path for the command first
> (do we have a way of doing that already?), but I don't know how problem 2 is
> best addressed.

On a Unix box (don't know about Win32)...

svn_io_run_cmd() is using apr_procattr_cmdtype_set(APR_PROGRAM) which
causes a direct execve, rather than going via an intermediate
shell. The system() call however does use an intermediate shell. Going
through the shell is considered a security risk in situations where
that matters, and invoking diff/patch during an update is probably
such a situation.

If you really intend to use a shell there are two options. Either add
an additional parameter to svn_io_run_cmd to determine which of
APR_PROGRAM/APR_SHELLCMD to use, or call apr_proc_create directly.

-- 
Philip
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Oct 21 14:37:00 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.