help: help CodeQL understand that consuming envvars is okay here

dscho · dscho · commit 353f699260dd · 2025-08-08T10:47:28.000+02:00
Signed-off-by: Johannes Schindelin &lt;johannes.schindelin@gmx.de&gt;
diff --git a/builtin/help.c b/builtin/help.c
@@ -278,7 +278,7 @@ static void exec_woman_emacs(const char *path, const char *page)
 		if (!path)
 			path = "emacsclient";
 		strbuf_addf(&man_page, "(woman \"%s\")", page);
-		execlp(path, "emacsclient", "-e", man_page.buf, (char *)NULL);
+		execlp(path, "emacsclient", "-e", man_page.buf, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths
 		warning_errno(_("failed to exec '%s'"), path);
 		strbuf_release(&man_page);
 	}
@@ -300,7 +300,7 @@ static void exec_man_konqueror(const char *path, const char *page)
 		} else
 			path = "kfmclient";
 		strbuf_addf(&man_page, "man:%s(1)", page);
-		execlp(path, filename, "newTab", man_page.buf, (char *)NULL);
+		execlp(path, filename, "newTab", man_page.buf, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths
 		warning_errno(_("failed to exec '%s'"), path);
 		strbuf_release(&man_page);
 	}
@@ -310,7 +310,7 @@ static void exec_man_man(const char *path, const char *page)
 {
 	if (!path)
 		path = "man";
-	execlp(path, "man", page, (char *)NULL);
+	execlp(path, "man", page, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths
 	warning_errno(_("failed to exec '%s'"), path);
 }
 

Original file line number	Diff line number	Diff line change
`@@ -278,7 +278,7 @@ static void exec_woman_emacs(const char path, const char page)`
`278`	`278`	`if (!path)`
`279`	`279`	`path = "emacsclient";`
`280`	`280`	`strbuf_addf(&man_page, "(woman \"%s\")", page);`
`281`		`- execlp(path, "emacsclient", "-e", man_page.buf, (char *)NULL);`
	`281`	`+ execlp(path, "emacsclient", "-e", man_page.buf, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths`
`282`	`282`	`warning_errno(_("failed to exec '%s'"), path);`
`283`	`283`	`strbuf_release(&man_page);`
`284`	`284`	`}`
`@@ -300,7 +300,7 @@ static void exec_man_konqueror(const char path, const char page)`
`300`	`300`	`} else`
`301`	`301`	`path = "kfmclient";`
`302`	`302`	`strbuf_addf(&man_page, "man:%s(1)", page);`
`303`		`- execlp(path, filename, "newTab", man_page.buf, (char *)NULL);`
	`303`	`+ execlp(path, filename, "newTab", man_page.buf, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths`
`304`	`304`	`warning_errno(_("failed to exec '%s'"), path);`
`305`	`305`	`strbuf_release(&man_page);`
`306`	`306`	`}`
`@@ -310,7 +310,7 @@ static void exec_man_man(const char path, const char page)`
`310`	`310`	`{`
`311`	`311`	`if (!path)`
`312`	`312`	`path = "man";`
`313`		`- execlp(path, "man", page, (char *)NULL);`
	`313`	`+ execlp(path, "man", page, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths`
`314`	`314`	`warning_errno(_("failed to exec '%s'"), path);`
`315`	`315`	`}`
`316`	`316`