Misc minor fixes

[PATCH 1/3] scripts: use subprocess.run instead of os.system

Posted by Daniel P. Berrangé via Devel 2 weeks ago

From: Daniel P. Berrangé <berrange@redhat.com>

The subprocess.run command avoids using the shell and so is robust
should sys.argv contain any whitespace or unexpected shell meta
characters.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 scripts/check-file-access.py | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/scripts/check-file-access.py b/scripts/check-file-access.py
index 2636eb4f96..71130d4dec 100755
--- a/scripts/check-file-access.py
+++ b/scripts/check-file-access.py
@@ -23,6 +23,7 @@
 
 import os
 import re
+import subprocess
 import sys
 import tempfile
 
@@ -36,11 +37,9 @@ permitted_file = os.path.join(abs_srcdir, 'permitted_file_access.txt')
 
 os.environ['VIR_TEST_FILE_ACCESS_OUTPUT'] = access_file
 
-test = ' '.join(sys.argv[1:])
+proc = subprocess.run(sys.argv[1:])
 
-ret = os.system(test)
-
-if ret != 0 or os.read(access_fd, 10) == b'':
+if proc.returncode != 0 or os.read(access_fd, 10) == b'':
     os.close(access_fd)
     os.remove(access_file)
     sys.exit(ret)
-- 
2.51.1

[PATCH 1/3] scripts: use subprocess.run instead of os.system
[PATCH 2/3] src: check for invalid stream in virStreamInData
[PATCH 3/3] tools/nss: check for missing array element