From 4cf04988ae03ae64a7027a94a933cd5d50adc894 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 26 May 2023 02:03:45 +0200 Subject: [PATCH] remove uses of golang.org/x/sys/execabs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit the "golang.org/x/sys/execabs" package was introduced to address a security issue on Windows, and changing the default behavior of os/exec was considered a breaking change. go1.19 applied the behavior that was previously implemented in the execabs package; from the release notes: https://go.dev/doc/go1.19#os-exec-path > Command and LookPath no longer allow results from a PATH search to be found > relative to the current directory. This removes a common source of security > problems but may also break existing programs that depend on using, say, > exec.Command("prog") to run a binary named prog (or, on Windows, prog.exe) > in the current directory. See the os/exec package documentation for information > about how best to update such programs. > > On Windows, Command and LookPath now respect the NoDefaultCurrentDirectoryInExePath > environment variable, making it possible to disable the default implicit search > of “.” in PATH lookups on Windows systems. With those changes, we no longer need to use the execabs package, and we can switch back to os/exec. Signed-off-by: Sebastiaan van Stijn --- cli-plugins/manager/candidate.go | 4 +--- cli-plugins/manager/manager.go | 2 +- cli/command/image/build/context.go | 2 +- cli/config/credentials/default_store.go | 4 +--- cli/connhelper/commandconn/commandconn.go | 2 +- 5 files changed, 5 insertions(+), 9 deletions(-) diff --git a/cli-plugins/manager/candidate.go b/cli-plugins/manager/candidate.go index 752b1cb0ef..83e5a05256 100644 --- a/cli-plugins/manager/candidate.go +++ b/cli-plugins/manager/candidate.go @@ -1,8 +1,6 @@ package manager -import ( - exec "golang.org/x/sys/execabs" -) +import "os/exec" // Candidate represents a possible plugin candidate, for mocking purposes type Candidate interface { diff --git a/cli-plugins/manager/manager.go b/cli-plugins/manager/manager.go index 3ce96876d1..bcf150542f 100644 --- a/cli-plugins/manager/manager.go +++ b/cli-plugins/manager/manager.go @@ -3,6 +3,7 @@ package manager import ( "context" "os" + "os/exec" "path/filepath" "sort" "strings" @@ -13,7 +14,6 @@ import ( "github.com/fvbommel/sortorder" "github.com/spf13/cobra" "golang.org/x/sync/errgroup" - exec "golang.org/x/sys/execabs" ) // ReexecEnvvar is the name of an ennvar which is set to the command diff --git a/cli/command/image/build/context.go b/cli/command/image/build/context.go index b029a60095..747c23c7e0 100644 --- a/cli/command/image/build/context.go +++ b/cli/command/image/build/context.go @@ -8,6 +8,7 @@ import ( "io" "net/http" "os" + "os/exec" "path/filepath" "runtime" "strings" @@ -22,7 +23,6 @@ import ( "github.com/docker/docker/pkg/stringid" "github.com/moby/patternmatcher" "github.com/pkg/errors" - exec "golang.org/x/sys/execabs" ) const ( diff --git a/cli/config/credentials/default_store.go b/cli/config/credentials/default_store.go index 9378de48ef..a36afc41f4 100644 --- a/cli/config/credentials/default_store.go +++ b/cli/config/credentials/default_store.go @@ -1,8 +1,6 @@ package credentials -import ( - exec "golang.org/x/sys/execabs" -) +import "os/exec" // DetectDefaultStore return the default credentials store for the platform if // no user-defined store is passed, and the store executable is available. diff --git a/cli/connhelper/commandconn/commandconn.go b/cli/connhelper/commandconn/commandconn.go index 202ddb84cc..95d864e499 100644 --- a/cli/connhelper/commandconn/commandconn.go +++ b/cli/connhelper/commandconn/commandconn.go @@ -20,6 +20,7 @@ import ( "io" "net" "os" + "os/exec" "runtime" "strings" "sync" @@ -28,7 +29,6 @@ import ( "github.com/pkg/errors" "github.com/sirupsen/logrus" - exec "golang.org/x/sys/execabs" ) // New returns net.Conn