Fix command injection

intitni · intitni · commit 9340275e6151 · 2025-05-09T00:47:32.000+08:00
diff --git a/Core/Sources/ChatGPTChatTab/Chat.swift b/Core/Sources/ChatGPTChatTab/Chat.swift
@@ -206,9 +206,9 @@ struct Chat {
                                 "/bin/bash",
                                 arguments: [
                                     "-c",
-                                    "xed -l \(reference.startLine ?? 0) \"\(reference.uri)\"",
+                                    "xed -l \(reference.startLine ?? 0) ${TARGET_FILE}",
                                 ],
-                                environment: [:]
+                                environment: ["TARGET_FILE": reference.uri]
                             )
                         } catch {
                             print(error)
diff --git a/Core/Sources/Service/SuggestionCommandHandler/PseudoCommandHandler.swift b/Core/Sources/Service/SuggestionCommandHandler/PseudoCommandHandler.swift
@@ -505,9 +505,9 @@ struct PseudoCommandHandler: CommandHandler {
                 "/bin/bash",
                 arguments: [
                     "-c",
-                    "xed -l \(line) \"\(fileURL.path)\"",
+                    "xed -l \(line) ${TARGET_FILE}",
                 ],
-                environment: [:]
+                environment: ["TARGET_FILE": fileURL.path],
             )
         } catch {
             print(error)
diff --git a/Tool/Sources/GitIgnoreCheck/GitIgnoreCheck.swift b/Tool/Sources/GitIgnoreCheck/GitIgnoreCheck.swift
@@ -54,9 +54,9 @@ public struct DefaultGitIgnoredChecker: GitIgnoredChecker {
         do {
             let result = try await terminal.runCommand(
                 "/bin/bash",
-                arguments: ["-c", "git check-ignore \"\(fileURL.path)\""],
+                arguments: ["-c", "git check-ignore ${TARGET_FILE}"],
                 currentDirectoryURL: gitFolderURL,
-                environment: [:]
+                environment: ["TARGET_FILE": fileURL.path]
             )
             if result.isEmpty { return false }
             return true
@@ -76,9 +76,9 @@ public struct DefaultGitIgnoredChecker: GitIgnoredChecker {
         do {
             let result = try await terminal.runCommand(
                 "/bin/bash",
-                arguments: ["-c", "git check-ignore \(filePaths)"],
+                arguments: ["-c", "git check-ignore ${TARGET_FILE}"],
                 currentDirectoryURL: gitFolderURL,
-                environment: [:]
+                environment: ["TARGET_FILE": filePaths]
             )
             return result
                 .split(whereSeparator: \.isNewline)
