Subject: Re: sysinst source niggles.... run_prog, logging/scripting rework?
To: None <tech-install@netbsd.org>
From: Alan Barrett <apb@iafrica.com>
List: tech-install
Date: 07/01/1999 12:54:16
On Wed, 30 Jun 1999, Jonathan Stone wrote:
>      run-prog({0|1}, {0|1}, NULL,
> 		     "command string %s %s",
> 		     "args", "more args");

Something that bothers me about the current implementation of run_prog()
is the confusion between a command string and an argument vector.

run_prog() gets several arguments as input, then uses printf() to
construct a single string, then splits that string into several args again
and passes them in a vector to launch_subwin() (which passes them to
execvp()).  In your example, execvp() gets a vector that contains
{"command", "string", "args", "more", "args"}, and the fact that "more
args" has been converted from a single string to two separate args might
be a bug or security problem in some circumstances (e.g. if it comes from
user input and we didn't expect the user to type several space-separated
words). 

I think we should have a version of run_prog() that gets several
separate args as input and just builds them into a vector (bypassing the
printf and split steps).  And perhaps also a version that gets a ready
made arg vector as input.

>       run_silent("rm -f %s", target_expand("/.profile"));

I'd prefer to see

	run_silent("rm", "-f", target_expand("/.profile"));

--apb (Alan Barrett)
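
The difference described in the message above, as an added example that is not part of the original post and is not sysinst code: one helper formats a command string and splits it on whitespace, the other copies each argument into the vector unchanged. The names format_and_split, build_vector and MAXARGS and the sample file name are assumptions made for this sketch; nothing is executed, only the vectors are built.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define MAXARGS 16  /* hypothetical limit for this sketch */

/* Style 1, as the message describes run_prog(): printf into one string,
 * then split on whitespace. argv points into buf, so buf must outlive it. */
int format_and_split(char *buf, size_t len, char **argv, const char *fmt, ...)
{
    va_list ap;
    int argc = 0;

    va_start(ap, fmt);
    vsnprintf(buf, len, fmt, ap);
    va_end(ap);
    for (char *t = strtok(buf, " \t"); t && argc < MAXARGS - 1; t = strtok(NULL, " \t"))
        argv[argc++] = t;
    argv[argc] = NULL;
    return argc;
}

/* Style 2, the proposed alternative: each C argument becomes exactly one
 * argv entry, whatever it contains. The list ends with a NULL sentinel. */
int build_vector(char **argv, const char *first, ...)
{
    va_list ap;
    int argc = 0;

    va_start(ap, first);
    for (char *a = (char *)first; a != NULL && argc < MAXARGS - 1; a = va_arg(ap, char *))
        argv[argc++] = a;
    va_end(ap);
    argv[argc] = NULL;
    return argc;
}

int main(void)
{
    char name[] = "/tmp/my profile";  /* constructed input containing a space */
    char buf[256], *v1[MAXARGS], *v2[MAXARGS];
    int n1 = format_and_split(buf, sizeof buf, v1, "rm -f %s", name);
    int n2 = build_vector(v2, "rm", "-f", name, (char *)NULL);

    printf("format+split: %d args, last = \"%s\"\n", n1, v1[n1 - 1]);
    printf("vector:       %d args, last = \"%s\"\n", n2, v2[n2 - 1]);
    return 0;
}
```

With the constructed name, the format-and-split path yields four arguments and the vector path yields three, with the space preserved inside the last one.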