github.com/gohugoio/hugo@v0.88.1/common/hexec/safeCommand.go

github.com/gohugoio/hugo@v0.88.1/common/hexec/safeCommand.go (about)

     1  // Copyright 2020 The Hugo Authors. All rights reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  // http://www.apache.org/licenses/LICENSE-2.0
     7  //
     8  // Unless required by applicable law or agreed to in writing, software
     9  // distributed under the License is distributed on an "AS IS" BASIS,
    10  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    11  // See the License for the specific language governing permissions and
    12  // limitations under the License.
    13  
    14  package hexec
    15  
    16  import (
    17  	"context"
    18  
    19  	"os/exec"
    20  
    21  	"github.com/cli/safeexec"
    22  )
    23  
    24  // SafeCommand is a wrapper around os/exec Command which uses a LookPath
    25  // implementation that does not search in current directory before looking in PATH.
    26  // See https://github.com/cli/safeexec and the linked issues.
    27  func SafeCommand(name string, arg ...string) (*exec.Cmd, error) {
    28  	bin, err := safeexec.LookPath(name)
    29  	if err != nil {
    30  		return nil, err
    31  	}
    32  
    33  	return exec.Command(bin, arg...), nil
    34  }
    35  
    36  // SafeCommandContext wraps CommandContext
    37  // See SafeCommand for more context.
    38  func SafeCommandContext(ctx context.Context, name string, arg ...string) (*exec.Cmd, error) {
    39  	bin, err := safeexec.LookPath(name)
    40  	if err != nil {
    41  		return nil, err
    42  	}
    43  
    44  	return exec.CommandContext(ctx, bin, arg...), nil
    45  }