From: Frank Lichtenheld Date: Fri, 15 Feb 2008 19:41:38 +0000 (+0100) Subject: Dpkg::IPC: avoid surprising execution via the shell X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=07c81f94aa64e9b6f148c5b5cb24461708feb2b5;p=dpkg Dpkg::IPC: avoid surprising execution via the shell * scripts/Dpkg/IPC.pm (fork_and_exec): If @prog only contains one entry exec() might execute it via the shell if it deems it necessary. This is not intended, so avoid this by giving $prog[0] explicetly as the program to execute. --- diff --git a/scripts/Dpkg/IPC.pm b/scripts/Dpkg/IPC.pm index b3937cd6..9c621f92 100644 --- a/scripts/Dpkg/IPC.pm +++ b/scripts/Dpkg/IPC.pm @@ -75,7 +75,7 @@ sub fork_and_exec { # Close some inherited filehandles close($_) foreach (@{$opts{"close_in_child"}}); # Execute the program - exec(@prog) or syserr(_g("exec %s"), "@prog"); + exec({ $prog[0] } @prog) or syserr(_g("exec %s"), "@prog"); } # Close handle that we can't use any more close($opts{"from_handle"}) if exists $opts{"from_handle"};