help: help CodeQL understand that consuming envvars is okay here

dscho · dscho · commit ca3898bcf322 · 2025-07-23T14:32:40.000+02:00
Signed-off-by: Johannes Schindelin &lt;johannes.schindelin@gmx.de&gt;
diff --git a/builtin/help.c b/builtin/help.c
@@ -277,7 +277,7 @@ static void exec_woman_emacs(const char *path, const char *page)
 		if (!path)
 			path = "emacsclient";
 		strbuf_addf(&man_page, "(woman \"%s\")", page);
-		execlp(path, "emacsclient", "-e", man_page.buf, (char *)NULL);
+		execlp(path, "emacsclient", "-e", man_page.buf, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths
 		warning_errno(_("failed to exec '%s'"), path);
 		strbuf_release(&man_page);
 	}
@@ -299,7 +299,7 @@ static void exec_man_konqueror(const char *path, const char *page)
 		} else
 			path = "kfmclient";
 		strbuf_addf(&man_page, "man:%s(1)", page);
-		execlp(path, filename, "newTab", man_page.buf, (char *)NULL);
+		execlp(path, filename, "newTab", man_page.buf, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths
 		warning_errno(_("failed to exec '%s'"), path);
 		strbuf_release(&man_page);
 	}
@@ -309,7 +309,7 @@ static void exec_man_man(const char *path, const char *page)
 {
 	if (!path)
 		path = "man";
-	execlp(path, "man", page, (char *)NULL);
+	execlp(path, "man", page, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths
 	warning_errno(_("failed to exec '%s'"), path);
 }
 

Original file line number	Diff line number	Diff line change
`@@ -277,7 +277,7 @@ static void exec_woman_emacs(const char path, const char page)`
`277`	`277`	`if (!path)`
`278`	`278`	`path = "emacsclient";`
`279`	`279`	`strbuf_addf(&man_page, "(woman \"%s\")", page);`
`280`		`- execlp(path, "emacsclient", "-e", man_page.buf, (char *)NULL);`
	`280`	`+ execlp(path, "emacsclient", "-e", man_page.buf, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths`
`281`	`281`	`warning_errno(_("failed to exec '%s'"), path);`
`282`	`282`	`strbuf_release(&man_page);`
`283`	`283`	`}`
`@@ -299,7 +299,7 @@ static void exec_man_konqueror(const char path, const char page)`
`299`	`299`	`} else`
`300`	`300`	`path = "kfmclient";`
`301`	`301`	`strbuf_addf(&man_page, "man:%s(1)", page);`
`302`		`- execlp(path, filename, "newTab", man_page.buf, (char *)NULL);`
	`302`	`+ execlp(path, filename, "newTab", man_page.buf, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths`
`303`	`303`	`warning_errno(_("failed to exec '%s'"), path);`
`304`	`304`	`strbuf_release(&man_page);`
`305`	`305`	`}`
`@@ -309,7 +309,7 @@ static void exec_man_man(const char path, const char page)`
`309`	`309`	`{`
`310`	`310`	`if (!path)`
`311`	`311`	`path = "man";`
`312`		`- execlp(path, "man", page, (char *)NULL);`
	`312`	`+ execlp(path, "man", page, (char *)NULL); // CodeQL [SM01925] justification: Git's help system safely consumes user-controlled environment variables and paths`
`313`	`313`	`warning_errno(_("failed to exec '%s'"), path);`
`314`	`314`	`}`
`315`	`315`