MCPcopy
hub / github.com/react/create-react-app / launchEditor

Function launchEditor

packages/react-dev-utils/launchEditor.js:287–397  ·  view source on GitHub ↗
(fileName, lineNumber, colNumber)

Source from the content-addressed store, hash-verified

285
286let _childProcess = null;
287function launchEditor(fileName, lineNumber, colNumber) {
288 if (!fs.existsSync(fileName)) {
289 return;
290 }
291
292 // Sanitize lineNumber to prevent malicious use on win32
293 // via: https://github.com/nodejs/node/blob/c3bb4b1aa5e907d489619fb43d233c3336bfc03d/lib/child_process.js#L333
294 // and it should be a positive integer
295 if (!(Number.isInteger(lineNumber) && lineNumber > 0)) {
296 return;
297 }
298
299 // colNumber is optional, but should be a positive integer too
300 // default is 1
301 if (!(Number.isInteger(colNumber) && colNumber > 0)) {
302 colNumber = 1;
303 }
304
305 let [editor, ...args] = guessEditor();
306
307 if (!editor) {
308 printInstructions(fileName, null);
309 return;
310 }
311
312 if (editor.toLowerCase() === 'none') {
313 return;
314 }
315
316 if (
317 process.platform === 'linux' &&
318 fileName.startsWith('/mnt/') &&
319 /Microsoft/i.test(os.release())
320 ) {
321 // Assume WSL / "Bash on Ubuntu on Windows" is being used, and
322 // that the file exists on the Windows file system.
323 // `os.release()` is "4.4.0-43-Microsoft" in the current release
324 // build of WSL, see: https://github.com/Microsoft/BashOnWindows/issues/423#issuecomment-221627364
325 // When a Windows editor is specified, interop functionality can
326 // handle the path translation, but only if a relative path is used.
327 fileName = path.relative('', fileName);
328 }
329
330 // cmd.exe on Windows is vulnerable to RCE attacks given a file name of the
331 // form "C:\Users\myusername\Downloads\& curl 172.21.93.52". Use a whitelist
332 // to validate user-provided file names. This doesn't cover the entire range
333 // of valid file names but should cover almost all of them in practice.
334 if (
335 process.platform === 'win32' &&
336 !WINDOWS_FILE_NAME_WHITELIST.test(fileName.trim())
337 ) {
338 console.log();
339 console.log(
340 chalk.red('Could not open ' + path.basename(fileName) + ' in the editor.')
341 );
342 console.log();
343 console.log(
344 'When running on Windows, file names are checked against a whitelist ' +

Callers 1

Calls 5

guessEditorFunction · 0.85
isTerminalEditorFunction · 0.85
testMethod · 0.80
printInstructionsFunction · 0.70

Tested by

no test coverage detected