Re: svn system() replacement ?

On 28 Jan 2002, Philip Martin wrote:

> svn_io_run_cmd() is using apr_procattr_cmdtype_set(APR_PROGRAM) which
> causes a direct execve, rather than going via an intermediate shell. The
> system() call however does use an intermediate shell. Going through the
> shell is considered a security risk in situations where that matters, and
> invoking diff/patch during an update is probably such a situation.
>
> If you really intend to use a shell there are two options. Either add an
> additional parameter to svn_io_run_cmd to determine which of
> APR_PROGRAM/APR_SHELLCMD to use, or call apr_proc_create directly.

Thanks for these details, Philip!

I figure using a shell is the easiest way to get this to work. After all, I
bet editors in general will behave better if invoked from one.

So, I hacked up a function that looks like this:

/* suggested new function */
svn_error_t *
svn_io_shell_cmd (const char *path,
                  const char *cmdline,
                  const char *const *env,
                  int *exitcode,
                  apr_exit_why_e *exitwhy,
                  apr_pool_t *pool);

This works as a system() replacement.

The third argument above needs attention. The environment must be passed to
the commit function after being received in the main function's third
argument. This probably requires that all client functions called from the
main subcommand->cmd_func "thing" must support an additional "const char *
const *penv" argument.

Currently (in my working code) I build a faked "environment" by setting
"TERM=vt100" as emacs refuse to run properly unless it get a TERM variable
that it recognizes! And this faked thing looks reeeeeally ugly!

-- 
      Daniel Stenberg - http://daniel.haxx.se - +46-705-44 31 77
   ech`echo xiun|tr nu oc|sed 'sx\([sx]\)\([xoi]\)xo un\2\1 is xg'`ol
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org