Refactor git command arguments and make all arguments to be safe to be used (#21535)

Follow #21464 Make all git command arguments strictly safe. Most changes are one-to-one replacing, keep all existing logic.
2025-06-21 13:38:00 +02:00 · 2022-10-23 22:44:45 +08:00
parent 4eeea7b30e
commit dcd9fc7ee8
71 changed files with 425 additions and 391 deletions
--- a/routers/private/hook_pre_receive.go
+++ b/routers/private/hook_pre_receive.go
@ -186,7 +186,7 @@ func preReceiveBranch(ctx *preReceiveContext, oldCommitID, newCommitID, refFullN

 	// 2. Disallow force pushes to protected branches
 	if git.EmptySHA != oldCommitID {
-		output, _, err := git.NewCommand(ctx, "rev-list", "--max-count=1", oldCommitID, "^"+newCommitID).RunStdString(&git.RunOpts{Dir: repo.RepoPath(), Env: ctx.env})
+		output, _, err := git.NewCommand(ctx, "rev-list", "--max-count=1").AddDynamicArguments(oldCommitID, "^"+newCommitID).RunStdString(&git.RunOpts{Dir: repo.RepoPath(), Env: ctx.env})
 		if err != nil {
 			log.Error("Unable to detect force push between: %s and %s in %-v Error: %v", oldCommitID, newCommitID, repo, err)
 			ctx.JSON(http.StatusInternalServerError, private.Response{
--- a/routers/private/hook_verification.go
+++ b/routers/private/hook_verification.go
@ -44,7 +44,7 @@ func verifyCommits(oldCommitID, newCommitID string, repo *git.Repository, env []
 	}()

 	// This is safe as force pushes are already forbidden
-	err = git.NewCommand(repo.Ctx, "rev-list", oldCommitID+"..."+newCommitID).
+	err = git.NewCommand(repo.Ctx, "rev-list").AddDynamicArguments(oldCommitID + "..." + newCommitID).
 		Run(&git.RunOpts{
 			Env:    env,
 			Dir:    repo.Path,
@ -91,7 +91,7 @@ func readAndVerifyCommit(sha string, repo *git.Repository, env []string) error {
 	}()
 	hash := git.MustIDFromString(sha)

-	return git.NewCommand(repo.Ctx, "cat-file", "commit", sha).
+	return git.NewCommand(repo.Ctx, "cat-file", "commit").AddDynamicArguments(sha).
 		Run(&git.RunOpts{
 			Env:    env,
 			Dir:    repo.Path,