diff options
| author | Johannes Sixt <j6t@kdbg.org> | 2025-04-21 17:07:10 +0200 |
|---|---|---|
| committer | Taylor Blau <me@ttaylorr.com> | 2025-05-23 17:04:23 -0400 |
| commit | c2e8904258544f3d79dc4e96d1269c0ad8124db3 (patch) | |
| tree | 765508ff33690a5d1b7e3c7c7c3fb1070c74215a /lib/diff.tcl | |
| parent | 8255167b26003767b0ab50f498ffec33f80c2ef2 (diff) | |
| download | git-c2e8904258544f3d79dc4e96d1269c0ad8124db3.tar.xz | |
git-gui: treat file names beginning with "|" as relative paths
The Tcl 'open' function has a very wide interface. It can open files as
well as pipes to external processes. The difference is made only by the
first character of the file name: if it is "|", a process is spawned.
We have a number of calls of Tcl 'open' that take a file name from the
environment in which Git GUI is running. Be prepared that insane values
are injected. In particular, when we intend to open a file, do not take
a file name that happens to begin with "|" as a request to run a process.
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Taylor Blau <me@ttaylorr.com>
Diffstat (limited to 'lib/diff.tcl')
| -rw-r--r-- | lib/diff.tcl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/diff.tcl b/lib/diff.tcl index 871ad488c2..f089fdc46b 100644 --- a/lib/diff.tcl +++ b/lib/diff.tcl @@ -202,7 +202,7 @@ proc show_other_diff {path w m cont_info} { set sz [string length $content] } file { - set fd [open $path r] + set fd [safe_open_file $path r] fconfigure $fd \ -eofchar {} \ -encoding [get_path_encoding $path] |