Posted to commits@subversion.apache.org by ju...@apache.org on 2019/07/18 10:01:09 UTC
svn commit: r1863266 -
/subversion/branches/1.10.x/contrib/client-side/svn_load_dirs/svn_load_dirs.pl.in
Author: julianfoad
Date: Thu Jul 18 10:01:08 2019
New Revision: 1863266
URL: http://svn.apache.org/viewvc?rev=1863266&view=rev
Log:
On '1.10.x' branch: Backport r1863262 (Do not print password to screen in
svn_load_dirs.pl). A contrib script, so backported without voting.
Modified:
subversion/branches/1.10.x/contrib/client-side/svn_load_dirs/svn_load_dirs.pl.in
Modified: subversion/branches/1.10.x/contrib/client-side/svn_load_dirs/svn_load_dirs.pl.in
URL: http://svn.apache.org/viewvc/subversion/branches/1.10.x/contrib/client-side/svn_load_dirs/svn_load_dirs.pl.in?rev=1863266&r1=1863265&r2=1863266&view=diff
==============================================================================
--- subversion/branches/1.10.x/contrib/client-side/svn_load_dirs/svn_load_dirs.pl.in (original)
+++ subversion/branches/1.10.x/contrib/client-side/svn_load_dirs/svn_load_dirs.pl.in Thu Jul 18 10:01:08 2019
@@ -196,7 +196,7 @@ elsif ( -f "$ENV{HOME}/.subversion/confi
{
if ( /^global-ignores\s*=\s*(.*?)\s*$/ )
{
- $ignores_str = $1;
+ $ignores_str = $1;
last;
}
}
@@ -1343,6 +1343,8 @@ sub usage
" -p filename table listing properties to apply to matching files\n",
" -svn_username username to perform commits as\n",
" -svn_password password to supply to svn commit\n",
+ " WARNING: passing the password in a command-line argument\n",
+ " may make it visible to other local OS users\n",
" -t tag_dir create a tag copy in tag_dir, relative to svn_url\n",
" -v increase program verbosity, multiple -v's allowed\n",
" -wc path use the already checked-out working copy at path\n",
@@ -1499,6 +1501,18 @@ sub file_info
return '?';
}
+# Copy arguments and replace what follows --password with '*'s.
+sub sanitize_pwd
+{
+ my @str = @_;
+ my $hide_next = 0;
+ foreach(@str) {
+ $_ = '*' x length if ( $hide_next );
+ $hide_next = ($_ eq '--password');
+ }
+ @str;
+}
+
# Start a child process safely without using /bin/sh.
sub safe_read_from_pipe
{
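Review bot: sanitize_pwd masks only the element that follows an argument exactly equal to `--password`, and it replaces the value with as many `*` characters as the password has. A single-token `--password=VALUE` argument would be printed unchanged (whether this script ever builds that form is not visible here), and the star count discloses the password length on screen and in any captured log. A fixed-width mask avoids the length disclosure, `$_ = '********' if $hide_next;`, and a line such as `s/\A(--password=).*/$1********/s;` would cover the one-token form. The hunk shows only the tail of file_info and the first lines of safe_read_from_pipe.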
@@ -1510,7 +1524,7 @@ sub safe_read_from_pipe
my $openfork_available = "MSWin32" ne $OSNAME;
if ($openfork_available)
{
- print "Running @_\n";
+ print join(' ', &sanitize_pwd("Running", @_, "\n") );
my $pid = open(SAFE_READ, "-|");
unless (defined $pid)
{
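Review bot: The `"Running"` label and the trailing `"\n"` are passed through sanitize_pwd together with the command arguments, so the helper treats them as arguments too. If the last element of `@_` were `--password`, the newline would be masked instead of printed, and the join always leaves a space before the newline. Passing only the command keeps the helper's input to real arguments: `print "Running ", join(' ', sanitize_pwd(@_)), "\n";`. The same pattern recurs in the `@commandline` print later in safe_read_from_pipe and in the read_from_process error message. safe_read_from_pipe starts and ends outside this hunk.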
@@ -1522,7 +1536,9 @@ sub safe_read_from_pipe
open(STDERR, ">&STDOUT")
or die "$0: cannot dup STDOUT: $!\n";
exec(@_)
- or die "$0: cannot exec '@_': $!\n";
+ or die "$0: cannot exec '"
+ . join(' ', &sanitize_pwd(@_) )
+ . "': $!\n";
}
}
else
@@ -1559,7 +1575,7 @@ sub safe_read_from_pipe
}
}
- print "Running @commandline\n";
+ print join(' ', &sanitize_pwd("Running", @commandline, "\n") );
if ( $comment ) { print $comment; }
# Now do the pipe.
@@ -1581,7 +1597,9 @@ sub safe_read_from_pipe
my $cd = $result & 128 ? "with core dump" : "";
if ($signal or $cd)
{
- warn "$0: pipe from '@_' failed $cd: exit=$exit signal=$signal\n";
+ warn "$0: pipe from '"
+ . join(' ', &sanitize_pwd(@_) )
+ . "' failed $cd: exit=$exit signal=$signal\n";
}
if (wantarray)
{
@@ -1604,8 +1622,9 @@ sub read_from_process
my ($status, @output) = &safe_read_from_pipe(@_);
if ($status)
{
- print STDERR "$0: @_ failed with this output:\n", join("\n", @output),
- "\n";
+ print STDERR
+ join(' ', &sanitize_pwd("$0:", @_, "failed with this output:\n") ),
+ join("\n", @output), "\n";
unless ($opt_no_user_input)
{
print STDERR
@@ -1657,7 +1676,7 @@ sub recursive_ls_and_hash
};
find({no_chdir => 1,
preprocess => sub
- {
+ {
grep
{
my $ok=1;