mitigate shelling out behaviour risks

2025-12-10 04:36:43 +00:00 · 2022-04-24 18:49:00 +09:30
parent 5c28a3eda7
commit 1ed7b690a5
6 changed files with 14 additions and 14 deletions
--- a/cmd/launcher/main.go
+++ b/cmd/launcher/main.go
@ -20,7 +20,6 @@ package main
 import (
 	"fmt"
 	"os"
-	"os/exec"
 	"path/filepath"
 	"runtime"

@ -36,6 +35,7 @@ import (
 	"github.com/ProtonMail/proton-bridge/v2/internal/versioner"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
+	"golang.org/x/sys/execabs"
 )

 const (
@ -98,7 +98,7 @@ func main() { //nolint:funlen
 		logrus.WithError(err).Fatal("Failed to determine path to launcher")
 	}

-	cmd := exec.Command(exe, appendLauncherPath(launcher, os.Args[1:])...) //nolint:gosec
+	cmd := execabs.Command(exe, appendLauncherPath(launcher, os.Args[1:])...) // nolint:gosec

 	cmd.Stdin = os.Stdin
 	cmd.Stdout = os.Stdout