Skip to content

Commit bf12529

Browse files
committed
Fix escaping of URLs in Perforce and Subversion drivers
1 parent 3d01ef2 commit bf12529

File tree

10 files changed

+32
-31
lines changed

10 files changed

+32
-31
lines changed

src/Composer/Repository/Vcs/FossilDriver.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -226,7 +226,7 @@ public static function supports(IOInterface $io, Config $config, $url, $deep = f
226226
return false;
227227
}
228228

229-
$process = new ProcessExecutor();
229+
$process = new ProcessExecutor($io);
230230
// check whether there is a fossil repo in that path
231231
if ($process->execute('fossil info', $output, $url) === 0) {
232232
return true;

src/Composer/Repository/Vcs/HgDriver.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -211,7 +211,7 @@ public static function supports(IOInterface $io, Config $config, $url, $deep = f
211211
return false;
212212
}
213213

214-
$process = new ProcessExecutor();
214+
$process = new ProcessExecutor($io);
215215
// check whether there is a hg repo in that path
216216
if ($process->execute('hg summary', $output, $url) === 0) {
217217
return true;
@@ -222,7 +222,7 @@ public static function supports(IOInterface $io, Config $config, $url, $deep = f
222222
return false;
223223
}
224224

225-
$processExecutor = new ProcessExecutor();
225+
$processExecutor = new ProcessExecutor($io);
226226
$exit = $processExecutor->execute(sprintf('hg identify %s', ProcessExecutor::escape($url)), $ignored);
227227

228228
return $exit === 0;

src/Composer/Repository/Vcs/SvnDriver.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -307,10 +307,10 @@ public static function supports(IOInterface $io, Config $config, $url, $deep = f
307307
return false;
308308
}
309309

310-
$processExecutor = new ProcessExecutor();
310+
$processExecutor = new ProcessExecutor($io);
311311

312312
$exit = $processExecutor->execute(
313-
"svn info --non-interactive {$url}",
313+
"svn info --non-interactive ".ProcessExecutor::escape('{'.$url.'}'),
314314
$ignoredOutput
315315
);
316316

src/Composer/Util/Bitbucket.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ public function __construct(IOInterface $io, Config $config, ProcessExecutor $pr
4444
{
4545
$this->io = $io;
4646
$this->config = $config;
47-
$this->process = $process ?: new ProcessExecutor;
47+
$this->process = $process ?: new ProcessExecutor($io);
4848
$this->remoteFilesystem = $remoteFilesystem ?: Factory::createRemoteFilesystem($this->io, $config);
4949
$this->time = $time;
5050
}

src/Composer/Util/Filesystem.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -527,7 +527,7 @@ protected function directorySize($directory)
527527

528528
protected function getProcess()
529529
{
530-
return new ProcessExecutor;
530+
return $this->processExecutor;
531531
}
532532

533533
/**

src/Composer/Util/GitHub.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ public function __construct(IOInterface $io, Config $config, ProcessExecutor $pr
3939
{
4040
$this->io = $io;
4141
$this->config = $config;
42-
$this->process = $process ?: new ProcessExecutor;
42+
$this->process = $process ?: new ProcessExecutor($io);
4343
$this->remoteFilesystem = $remoteFilesystem ?: Factory::createRemoteFilesystem($this->io, $config);
4444
}
4545

src/Composer/Util/GitLab.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ public function __construct(IOInterface $io, Config $config, ProcessExecutor $pr
4040
{
4141
$this->io = $io;
4242
$this->config = $config;
43-
$this->process = $process ?: new ProcessExecutor();
43+
$this->process = $process ?: new ProcessExecutor($io);
4444
$this->remoteFilesystem = $remoteFilesystem ?: Factory::createRemoteFilesystem($this->io, $config);
4545
}
4646

src/Composer/Util/Perforce.php

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,7 @@ public static function checkServerExists($url, ProcessExecutor $processExecutor)
5858
{
5959
$output = null;
6060

61-
return 0 === $processExecutor->execute('p4 -p ' . $url . ' info -s', $output);
61+
return 0 === $processExecutor->execute('p4 -p ' . ProcessExecutor::escape($url) . ' info -s', $output);
6262
}
6363

6464
public function initialize($repoConfig)
@@ -105,7 +105,7 @@ public function generateUniquePerforceClientName()
105105
public function cleanupClientSpec()
106106
{
107107
$client = $this->getClient();
108-
$task = 'client -d ' . $client;
108+
$task = 'client -d ' . ProcessExecutor::escape($client);
109109
$useP4Client = false;
110110
$command = $this->generateP4Command($task, $useP4Client);
111111
$this->executeCommand($command);
@@ -383,7 +383,7 @@ public function p4Login()
383383
if ($this->windowsFlag) {
384384
$this->windowsLogin($password);
385385
} else {
386-
$command = 'echo ' . $password . ' | ' . $this->generateP4Command(' login -a', false);
386+
$command = 'echo ' . ProcessExecutor::escape($password) . ' | ' . $this->generateP4Command(' login -a', false);
387387
$exitCode = $this->executeCommand($command);
388388
$result = trim($this->commandResult);
389389
if ($exitCode) {
@@ -408,7 +408,7 @@ public function getFileContent($file, $identifier)
408408
{
409409
$path = $this->getFilePath($file, $identifier);
410410

411-
$command = $this->generateP4Command(' print ' . $path);
411+
$command = $this->generateP4Command(' print ' . ProcessExecutor::escape($path));
412412
$this->executeCommand($command);
413413
$result = $this->commandResult;
414414

@@ -429,7 +429,7 @@ public function getFilePath($file, $identifier)
429429
}
430430

431431
$path = substr($identifier, 0, $index) . '/' . $file . substr($identifier, $index);
432-
$command = $this->generateP4Command(' files ' . $path, false);
432+
$command = $this->generateP4Command(' files ' . ProcessExecutor::escape($path), false);
433433
$this->executeCommand($command);
434434
$result = $this->commandResult;
435435
$index2 = strpos($result, 'no such file(s).');
@@ -452,7 +452,7 @@ public function getBranches()
452452
if (!$this->isStream()) {
453453
$possibleBranches[$this->p4Branch] = $this->getStream();
454454
} else {
455-
$command = $this->generateP4Command('streams //' . $this->p4Depot . '/...');
455+
$command = $this->generateP4Command('streams '.ProcessExecutor::escape('//' . $this->p4Depot . '/...'));
456456
$this->executeCommand($command);
457457
$result = $this->commandResult;
458458
$resArray = explode(PHP_EOL, $result);
@@ -464,7 +464,7 @@ public function getBranches()
464464
}
465465
}
466466
}
467-
$command = $this->generateP4Command('changes '. $this->getStream() . '/...', false);
467+
$command = $this->generateP4Command('changes '. ProcessExecutor::escape($this->getStream() . '/...'), false);
468468
$this->executeCommand($command);
469469
$result = $this->commandResult;
470470
$resArray = explode(PHP_EOL, $result);
@@ -527,7 +527,7 @@ protected function getChangeList($reference)
527527
return null;
528528
}
529529
$label = substr($reference, $index);
530-
$command = $this->generateP4Command(' changes -m1 ' . $label);
530+
$command = $this->generateP4Command(' changes -m1 ' . ProcessExecutor::escape($label));
531531
$this->executeCommand($command);
532532
$changes = $this->commandResult;
533533
if (strpos($changes, 'Change') !== 0) {
@@ -555,7 +555,7 @@ public function getCommitLogs($fromReference, $toReference)
555555
}
556556
$index = strpos($fromReference, '@');
557557
$main = substr($fromReference, 0, $index) . '/...';
558-
$command = $this->generateP4Command('filelog ' . $main . '@' . $fromChangeList. ',' . $toChangeList);
558+
$command = $this->generateP4Command('filelog ' . ProcessExecutor::escape($main . '@' . $fromChangeList. ',' . $toChangeList));
559559
$this->executeCommand($command);
560560

561561
return $this->commandResult;

src/Composer/Util/Svn.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -79,7 +79,7 @@ public function __construct($url, IOInterface $io, Config $config, ProcessExecut
7979
$this->url = $url;
8080
$this->io = $io;
8181
$this->config = $config;
82-
$this->process = $process ?: new ProcessExecutor;
82+
$this->process = $process ?: new ProcessExecutor($io);
8383
}
8484

8585
public static function cleanEnv()

tests/Composer/Test/Util/PerforceTest.php

Lines changed: 13 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@
1414

1515
use Composer\Util\Perforce;
1616
use PHPUnit\Framework\TestCase;
17+
use Composer\Util\ProcessExecutor;
1718

1819
/**
1920
* @author Matt Whittom <Matt.Whittom@veteransunited.com>
@@ -344,7 +345,7 @@ public function testGetBranchesWithStream()
344345
{
345346
$this->setPerforceToStream();
346347

347-
$expectedCommand = 'p4 -u user -c composer_perforce_TEST_depot_branch -p port streams //depot/...';
348+
$expectedCommand = 'p4 -u user -c composer_perforce_TEST_depot_branch -p port streams '.ProcessExecutor::escape('//depot/...');
348349
$this->processExecutor->expects($this->at(0))
349350
->method('execute')
350351
->with($this->equalTo($expectedCommand))
@@ -357,7 +358,7 @@ function ($command, &$output) {
357358
}
358359
)
359360
);
360-
$expectedCommand2 = 'p4 -u user -p port changes //depot/branch/...';
361+
$expectedCommand2 = 'p4 -u user -p port changes '.ProcessExecutor::escape('//depot/branch/...');
361362
$expectedCallback = function ($command, &$output) {
362363
$output = 'Change 1234 on 2014/03/19 by Clark.Stuth@Clark.Stuth_test_client \'test changelist\'';
363364

@@ -374,7 +375,7 @@ function ($command, &$output) {
374375

375376
public function testGetBranchesWithoutStream()
376377
{
377-
$expectedCommand = 'p4 -u user -p port changes //depot/...';
378+
$expectedCommand = 'p4 -u user -p port changes '.ProcessExecutor::escape('//depot/...');
378379
$expectedCallback = function ($command, &$output) {
379380
$output = 'Change 5678 on 2014/03/19 by Clark.Stuth@Clark.Stuth_test_client \'test changelist\'';
380381

@@ -458,7 +459,7 @@ function ($command, &$output) {
458459

459460
public function testGetComposerInformationWithoutLabelWithoutStream()
460461
{
461-
$expectedCommand = 'p4 -u user -c composer_perforce_TEST_depot -p port print //depot/composer.json';
462+
$expectedCommand = 'p4 -u user -c composer_perforce_TEST_depot -p port print '.ProcessExecutor::escape('//depot/composer.json');
462463
$this->processExecutor->expects($this->at(0))
463464
->method('execute')
464465
->with($this->equalTo($expectedCommand))
@@ -484,7 +485,7 @@ function ($command, &$output) {
484485

485486
public function testGetComposerInformationWithLabelWithoutStream()
486487
{
487-
$expectedCommand = 'p4 -u user -p port files //depot/composer.json@0.0.1';
488+
$expectedCommand = 'p4 -u user -p port files '.ProcessExecutor::escape('//depot/composer.json@0.0.1');
488489
$this->processExecutor->expects($this->at(0))
489490
->method('execute')
490491
->with($this->equalTo($expectedCommand))
@@ -498,7 +499,7 @@ function ($command, &$output) {
498499
)
499500
);
500501

501-
$expectedCommand = 'p4 -u user -c composer_perforce_TEST_depot -p port print //depot/composer.json@10001';
502+
$expectedCommand = 'p4 -u user -c composer_perforce_TEST_depot -p port print '.ProcessExecutor::escape('//depot/composer.json@10001');
502503
$this->processExecutor->expects($this->at(1))
503504
->method('execute')
504505
->with($this->equalTo($expectedCommand))
@@ -527,7 +528,7 @@ public function testGetComposerInformationWithoutLabelWithStream()
527528
{
528529
$this->setPerforceToStream();
529530

530-
$expectedCommand = 'p4 -u user -c composer_perforce_TEST_depot_branch -p port print //depot/branch/composer.json';
531+
$expectedCommand = 'p4 -u user -c composer_perforce_TEST_depot_branch -p port print '.ProcessExecutor::escape('//depot/branch/composer.json');
531532
$this->processExecutor->expects($this->at(0))
532533
->method('execute')
533534
->with($this->equalTo($expectedCommand))
@@ -555,7 +556,7 @@ function ($command, &$output) {
555556
public function testGetComposerInformationWithLabelWithStream()
556557
{
557558
$this->setPerforceToStream();
558-
$expectedCommand = 'p4 -u user -p port files //depot/branch/composer.json@0.0.1';
559+
$expectedCommand = 'p4 -u user -p port files '.ProcessExecutor::escape('//depot/branch/composer.json@0.0.1');
559560
$this->processExecutor->expects($this->at(0))
560561
->method('execute')
561562
->with($this->equalTo($expectedCommand))
@@ -569,7 +570,7 @@ function ($command, &$output) {
569570
)
570571
);
571572

572-
$expectedCommand = 'p4 -u user -c composer_perforce_TEST_depot_branch -p port print //depot/branch/composer.json@10001';
573+
$expectedCommand = 'p4 -u user -c composer_perforce_TEST_depot_branch -p port print '.ProcessExecutor::escape('//depot/branch/composer.json@10001');
573574
$this->processExecutor->expects($this->at(1))
574575
->method('execute')
575576
->with($this->equalTo($expectedCommand))
@@ -621,7 +622,7 @@ public function testCheckServerExists()
621622
{
622623
$processExecutor = $this->getMockBuilder('Composer\Util\ProcessExecutor')->getMock();
623624

624-
$expectedCommand = 'p4 -p perforce.does.exist:port info -s';
625+
$expectedCommand = 'p4 -p '.ProcessExecutor::escape('perforce.does.exist:port').' info -s';
625626
$processExecutor->expects($this->at(0))
626627
->method('execute')
627628
->with($this->equalTo($expectedCommand), $this->equalTo(null))
@@ -642,7 +643,7 @@ public function testCheckServerClientError()
642643
{
643644
$processExecutor = $this->getMockBuilder('Composer\Util\ProcessExecutor')->getMock();
644645

645-
$expectedCommand = 'p4 -p perforce.does.exist:port info -s';
646+
$expectedCommand = 'p4 -p '.ProcessExecutor::escape('perforce.does.exist:port').' info -s';
646647
$processExecutor->expects($this->at(0))
647648
->method('execute')
648649
->with($this->equalTo($expectedCommand), $this->equalTo(null))
@@ -712,7 +713,7 @@ public function testCleanupClientSpecShouldDeleteClient()
712713
$this->perforce->setFilesystem($fs);
713714

714715
$testClient = $this->perforce->getClient();
715-
$expectedCommand = 'p4 -u ' . self::TEST_P4USER . ' -p ' . self::TEST_PORT . ' client -d ' . $testClient;
716+
$expectedCommand = 'p4 -u ' . self::TEST_P4USER . ' -p ' . self::TEST_PORT . ' client -d ' . ProcessExecutor::escape($testClient);
716717
$this->processExecutor->expects($this->once())->method('execute')->with($this->equalTo($expectedCommand));
717718

718719
$fs->expects($this->once())->method('remove')->with($this->perforce->getP4ClientSpec());

0 commit comments

Comments
 (0)