new-driver: do not use shell=True when using Popen
authorDavid Douard <david.douard@logilab.fr>
Mon, 30 May 2016 20:00:43 +0000 (22:00 +0200)
committerUwe Hermann <uwe@hermann-uwe.de>
Thu, 9 Jun 2016 10:19:22 +0000 (12:19 +0200)
There is no need for this, and it is always best not to use it if not relly
needed.

Also pass cmd to Popen as list instead of str.

source/new-driver

index e6443d6a57eae822989bdde61d9b98e18285af52..82463916b2304e188d37d22849dbc4f738aa17ea 100755 (executable)
@@ -56,7 +56,8 @@ def new_driver():
     tmp = tempfile.mkdtemp()
     try:
         os.chdir(tmp)
-        process = Popen("git clone --depth=1 " + LIBSR, shell=True, stderr=PIPE)
+        process = Popen(['git', 'clone', '--depth=1', LIBSR],
+                        stdout=PIPE, stderr=PIPE)
         out, err = process.communicate()
         if process.returncode:
             raise Exception(err.decode())
@@ -132,12 +133,14 @@ def do_driverskel(gitdir):
 
 def make_patch(gitdir):
     os.chdir(gitdir)
-    command('git add src/hardware/' + names['short'])
-    cmd = 'git commit -m "%s: Initial driver skeleton." ' % names['short']
-    cmd += 'configure.ac Makefile.am src/hardware/' + names['short']
+    command(['git', 'add', 'src/hardware/' + names['short']])
+    cmd = ['git', 'commit',
+           '-m', '%s: Initial driver skeleton.' % names['short'],
+           'configure.ac', 'Makefile.am',
+           'src/hardware/' + names['short']]
     command(cmd)
-    cmd = "git format-patch HEAD~1"
-    out, err = Popen(cmd, shell=True, stdout=PIPE, stderr=PIPE).communicate()
+    cmd = ['git', 'format-patch', 'HEAD~1']
+    out, err = Popen(cmd, stdout=PIPE, stderr=PIPE).communicate()
     if err:
         raise Exception(err.decode())
     patch = out.decode().strip()
@@ -146,7 +149,7 @@ def make_patch(gitdir):
 
 
 def command(cmd):
-    out, err = Popen(cmd, shell=True, stderr=PIPE).communicate()
+    out, err = Popen(cmd, stderr=PIPE).communicate()
     if err:
         raise Exception(err.decode())