wszystkie opcje
bullseye  ] [  bookworm  ] [  trixie  ] [  sid  ]
[ Pakiet źródłowy: golang-github-cli-safeexec  ]

Pakiet: golang-github-cli-safeexec-dev (1.0.1-1)

Odnośniki dla golang-github-cli-safeexec-dev

Screenshot

Zasoby systemu Debian:

Pobieranie pakietu źródłowego golang-github-cli-safeexec:

Opiekunowie:

Zasoby zewnętrzne:

Podobne pakiety:

safer version of exec.LookPath on Windows

safeexec is a Go module that provides a safer alternative to exec.LookPath() on Windows.

The following, relatively common approach to running external commands has a subtle vulnerability on Windows: 

  import "os/exec"


  func gitStatus() error {
      // On Windows, this will result in .\git.exe or .\git.bat being executed
      // if either were found in the current working directory.
      cmd := exec.Command("git", "status") return cmd.Run()
  }

Searching the current directory (surprising behavior) before searching folders listed in the PATH environment variable (expected behavior) seems to be intended in Go and unlikely to be changed: https://github.com/golang/go/issues/38736

Since Go does not provide a version of exec.LookPath() that only searches PATH and does not search the current working directory, this module provides a LookPath function that works consistently across platforms.

Example use: 

  import (
      "os/exec" "github.com/cli/safeexec"
  )


  func gitStatus() error {
      gitBin, err := safeexec.LookPath("git")
      if err != nil {
          return err
      }
      cmd := exec.Command(gitBin, "status")
      return cmd.Run()
  }

Pobieranie golang-github-cli-safeexec-dev

Pobierz dla wszystkich dostępnych architektur
Architektura Rozmiar pakietu Rozmiar po instalacji Pliki
all 5,6 KiB33,0 KiB [lista plików]