test suite reviews and discussions
 help / color / Atom feed
* [dts] [PATCH V1] framework/main: use safer methods instead of unsafe methods
@ 2020-09-10 18:53 LihongX Ma
  2020-09-15  8:36 ` Tu, Lijuan
  0 siblings, 1 reply; 2+ messages in thread
From: LihongX Ma @ 2020-09-10 18:53 UTC (permalink / raw)
  To: dts; +Cc: LihongX Ma

it is unsafe to call a system command or execute an external program
with user input, so use the safer method instead of it.

Signed-off-by: LihongX Ma <lihongx.ma@intel.com>
---
 framework/main.py | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/framework/main.py b/framework/main.py
index f6e3ae9..a081b85 100755
--- a/framework/main.py
+++ b/framework/main.py
@@ -37,6 +37,7 @@ A test framework for testing DPDK.
 import os
 import sys
 import argparse
+import subprocess
 
 # change operation directory
 os.chdir("../")
@@ -48,14 +49,17 @@ sys.path.append(cwd + '/dep')
 
 import dts
 
-def git_build_package(gitLabel, pkgName, depot="dep"):
+def git_build_package(gitLabel, pkgName):
     """
     generate package from git, if dpdk existed will pull latest code
     """
     gitURL = r"http://dpdk.org/git/dpdk"
     gitPrefix = r"dpdk/"
+    depot = r"dep"
     if os.path.exists("%s/%s" % (depot, gitPrefix)) is True:
-        ret = os.system("cd %s/%s && git pull --force" % (depot, gitPrefix))
+        os.chdir("%s/%s" % (depot, gitPrefix))
+        ret = os.system("git pull --force")
+        os.chdir(cwd)
     else:
         print("git clone %s %s/%s" % (gitURL, depot, gitPrefix))
         ret = os.system("git clone %s %s/%s" % (gitURL, depot, gitPrefix))
@@ -63,9 +67,17 @@ def git_build_package(gitLabel, pkgName, depot="dep"):
         raise EnvironmentError
 
     print("git archive --format=tar.gz --prefix=%s %s -o %s" % (gitPrefix, gitLabel, pkgName))
-    ret = os.system("cd %s/%s && git archive --format=tar.gz --prefix=%s/ %s -o ../%s"
-                    % (depot, gitPrefix, gitPrefix, gitLabel, pkgName))
-    if ret != 0:
+    os.chdir("%s/%s/%s" % (cwd, depot, gitPrefix))
+    try:
+        ret = subprocess.run(["git", "archive", "--format=tar.gz", "--prefix=%s/" % gitPrefix,
+                              "%s" % gitLabel, "-o", "../%s" % pkgName], shell=False)
+    except Exception as e:
+        print("git archive failed of : %s" % str(e))
+        sys.exit()
+
+    os.chdir(cwd)
+    if ret.returncode != 0:
+        print(ret)
         raise EnvironmentError
 
 
-- 
2.7.4


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [dts] [PATCH V1] framework/main: use safer methods instead of unsafe methods
  2020-09-10 18:53 [dts] [PATCH V1] framework/main: use safer methods instead of unsafe methods LihongX Ma
@ 2020-09-15  8:36 ` Tu, Lijuan
  0 siblings, 0 replies; 2+ messages in thread
From: Tu, Lijuan @ 2020-09-15  8:36 UTC (permalink / raw)
  To: Ma, LihongX, dts; +Cc: Ma, LihongX

> Subject: [dts] [PATCH V1] framework/main: use safer methods instead of unsafe
> methods
> 
> it is unsafe to call a system command or execute an external program with user
> input, so use the safer method instead of it.
> 
> Signed-off-by: LihongX Ma <lihongx.ma@intel.com>

Applied

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, back to index

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-10 18:53 [dts] [PATCH V1] framework/main: use safer methods instead of unsafe methods LihongX Ma
2020-09-15  8:36 ` Tu, Lijuan

test suite reviews and discussions

Archives are clonable:
	git clone --mirror http://inbox.dpdk.org/dts/0 dts/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 dts dts/ http://inbox.dpdk.org/dts \
		dts@dpdk.org
	public-inbox-index dts


Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.dts


AGPL code for this site: git clone https://public-inbox.org/ public-inbox