MCPcopy Index your code
hub / github.com/saltstack/salt / _split_cmd

Method _split_cmd

salt/client/ssh/shell.py:384–397  ·  view source on GitHub ↗

Split a command string so that it is suitable to pass to Popen without shell=True. This prevents shell injection attacks in the options passed to ssh or some other command.

(self, cmd)

Source from the content-addressed store, hash-verified

382 return self._run_cmd(cmd)
383
384 def _split_cmd(self, cmd):
385 """
386 Split a command string so that it is suitable to pass to Popen without
387 shell=True. This prevents shell injection attacks in the options passed
388 to ssh or some other command.
389 """
390 try:
391 ssh_part, cmd_part = cmd.split("/bin/sh")
392 except ValueError:
393 cmd_lst = shlex.split(cmd)
394 else:
395 cmd_lst = shlex.split(ssh_part)
396 cmd_lst.append(f"/bin/sh {cmd_part}")
397 return cmd_lst
398
399 def _sanitize_str(self, text, sanitize_text):
400 """Remove all occurrences of sanitize_text from text"""

Callers 2

_run_nb_cmdMethod · 0.95
_run_cmdMethod · 0.95

Calls 1

appendMethod · 0.45

Tested by

no test coverage detected