fix shell command escaping in sql task and spec_helper

puppetlabs · Feb 19, 2021 · 670d879 · 670d879
1 parent a20e2b3
commit 670d879
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 7 deletions.
diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb
@@ -33,7 +33,7 @@
     # this could definitely be optimized
     add_filter do |f|
       # system returns true if exit status is 0, which with git-check-ignore means file is ignored
-      system("git check-ignore --quiet #{f.filename}")
+      system('git', 'check-ignore', '--quiet', f.filename)
     end
   end
 end
@@ -77,3 +77,4 @@ def param(type, title, param)
                       .and_raise_error(StandardError)
   end
 end
+
diff --git a/tasks/sql.rb b/tasks/sql.rb
@@ -8,12 +8,12 @@
 def get(sql, database, user, port, password, host)
   env_hash = {}
   env_hash['PGPASSWORD'] = password unless password.nil?
-  cmd_string = "psql -c \"#{sql}\""
-  cmd_string += " --dbname=#{database}" unless database.nil?
-  cmd_string += " --username=#{user}" unless user.nil?
-  cmd_string += " --port=#{port}" unless port.nil?
-  cmd_string += " --host=#{host}" unless host.nil?
-  stdout, stderr, status = Open3.capture3(env_hash, cmd_string)
+  cmd_string = ['psql', '-c', sql]
+  cmd_string << "--dbname=#{database}" unless database.nil?
+  cmd_string << "--username=#{user}" unless user.nil?
+  cmd_string << "--port=#{port}" unless port.nil?
+  cmd_string << "--host=#{host}" unless host.nil?
+  stdout, stderr, status = Open3.capture3(env_hash, *cmd_string)
   raise Puppet::Error, stderr if status != 0
   { status: stdout.strip }
 end