public/dropshell
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Tidying

Browse Source
This commit is contained in:
j
2025-12-30 09:31:21 +13:00
parent 0917e1e3f3
commit 4bcbf12088
6 changed files with 79 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
source/src/utils/execute.cpp
View File

@@ -235,52 +235,45 @@ namespace dropshell
return "";
// need to construct to change directory and set environment variables
std::string cmdstr;
if (!bb64path.empty())
{
if (!mDir.empty())
cmdstr += "cd " + quote(mDir) + " && ";
if (!mVars.empty())
{
// Export variables so they're available for expansion in the command
for (const auto &env_var : mVars)
{
// Basic sanity check - skip invalid variable names
if (!is_valid_env_var_name(env_var.first))
{
error << "Skipping invalid environment variable name: " << env_var.first << std::endl;
continue;
}
// Very basic check for completely broken values that could break the command
// We still use quote() for proper escaping, but warn about suspicious values
const std::string &value = env_var.second;
if (value.find('\0') != std::string::npos)
{
error << "Skipping environment variable with null byte: " << env_var.first << std::endl;
continue;
}
cmdstr += "export " + env_var.first + "=" + quote(dequote(trim(value))) + " && ";
}
}
cmdstr += mCmd;
cmdstr = makesafecmd(bb64path, cmdstr);
}
else
if (bb64path.empty())
{ // raw! bootstrapping only.
ASSERT(mVars.empty(), "Bootstrapping command must not have environment variables");
if (!mDir.empty())
cmdstr += mDir + "/" + mCmd;
else
cmdstr += mCmd;
return (mDir.empty() ? mCmd : mDir + "/" + mCmd);
}
return cmdstr;
std::string cmdstr;
if (!mDir.empty())
cmdstr += "cd " + quote(mDir) + " && ";
if (!mVars.empty())
{
// Export variables so they're available for expansion in the command
for (const auto &env_var : mVars)
{
// Basic sanity check - skip invalid variable names
if (!is_valid_env_var_name(env_var.first))
{
error << "Skipping invalid environment variable name: " << env_var.first << std::endl;
continue;
}
// Very basic check for completely broken values that could break the command
// We still use quote() for proper escaping, but warn about suspicious values
const std::string &value = env_var.second;
if (value.find('\0') != std::string::npos)
{
error << "Skipping environment variable with null byte: " << env_var.first << std::endl;
continue;
}
cmdstr += "export " + env_var.first + "=" + quote(dequote(trim(value))) + " && ";
}
}
cmdstr += mCmd;
return makesafecmd(bb64path, cmdstr);
}
bool sSSHInfo::valid() const