Skip to content

Commit

Permalink
Merge pull request #4 from annexare/escape-args
Browse files Browse the repository at this point in the history
Escape arguments (paths) for exec
  • Loading branch information
dmythro committed May 10, 2016
2 parents e7cc1af + f1e7f86 commit 1b280c7
Show file tree
Hide file tree
Showing 3 changed files with 23 additions and 8 deletions.
25 changes: 18 additions & 7 deletions index.js
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,9 @@ class PackDir {

dmg(path, callback) {
let fileName = path + this.DMG,
cmd = `hdiutil create -format ${this.params.dmgFormat} -srcfolder "${path}" "${fileName}"`;
fileNameArg = this.escapeArg(fileName),
pathArg = this.escapeArg(path),
cmd = `hdiutil create -format ${this.params.dmgFormat} -srcfolder ${pathArg} ${fileNameArg}`;

this.cleanFile(fileName);
this.exec(cmd, unset, callback || unset);
Expand All @@ -50,6 +52,12 @@ class PackDir {
return fileName;
}

escapeArg(arg) {
return arg
.trim()
.replace(/(["\s'$`\\])/g, '\\$1');
}

exec(cmd, params, callback) {
let execute = this.params.isSync
? require('child_process').execSync
Expand Down Expand Up @@ -148,8 +156,8 @@ class PackDir {
pathToUnZip = isWindows
? this.getUnZipPath()
: 'unzip',
extractTo = destination || pathInfo.dir,
cmd = `${pathToUnZip} -o "${path}" -d "${extractTo}"`;
extractTo = this.escapeArg(destination || pathInfo.dir),
cmd = `${pathToUnZip} -o ${this.escapeArg(path)} -d ${extractTo}`;

this.exec(cmd, unset, callback || unset);

Expand All @@ -160,13 +168,16 @@ class PackDir {
let fileName = path + this.ZIP,
pathInfo = Path.parse(path),
pathStat = FS.statSync(path),
pathBase = pathStat.isDirectory()
? pathInfo.base + '\\' + Path.sep + '*'
: pathInfo.base,
pathWithMask = this.escapeArg(
pathStat.isDirectory()
? pathInfo.base + Path.sep + '*'
: pathInfo.base
),
pathToZip = isWindows
? this.getZipPath()
: 'zip',
cmd = `${pathToZip} -r "${pathInfo.base}.zip" ${pathBase}`,
pathToZipFile = this.escapeArg(pathInfo.base + '.zip'),
cmd = `${pathToZip} -r ${pathToZipFile} ${pathWithMask}`,
params = {};

if (pathInfo.dir) {
Expand Down
6 changes: 5 additions & 1 deletion tests/index.test.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
const fs = require('fs');
const isOSX = (process.platform === 'darwin'),
TEST_PATH = 'tests',
TEST_DIR_PATH = TEST_PATH + '/test-dir',
TEST_DIR_PATH = TEST_PATH + '/test dir',
TEST_EXTRACT_PATH = TEST_PATH + '/test-extract',
TEST_OSX_PATH = TEST_PATH + '/test-osx',
TEST_OSX_REG = /osx/;
Expand Down Expand Up @@ -104,6 +104,10 @@ describe('Pack Dir', () => {
expect(Pack.extract(TEST_OSX_PATH + '/index.html')).toEqual(-3);
});

it('escapes args/paths', () => {
expect(Pack.escapeArg(TEST_PATH)).toEqual(TEST_PATH.replace(' ', '\\ '));
});

// Cleanup
fs.readdir(TEST_PATH, (err, files) => {
if (files && files.length) {
Expand Down
File renamed without changes.

0 comments on commit 1b280c7

Please sign in to comment.