summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
667a1cd)
Turns out, making strings shell-proof is harder than expected:
# machinectl set-hostname "foo|poweroff" && . /etc/machine-info
(This could be simplified by quoting *and* escaping all characters,
which is harmless in shell but unnecessary.)
p++;
fwrite(v, 1, p-v, f);
p++;
fwrite(v, 1, p-v, f);
- if (string_has_cc(p, NULL) || chars_intersect(p, WHITESPACE "\'\"\\`$")) {
+ if (string_has_cc(p, NULL) || chars_intersect(p, WHITESPACE SHELL_NEED_QUOTES)) {
fputc('\"', f);
for (; *p; p++) {
fputc('\"', f);
for (; *p; p++) {
- if (strchr("\'\"\\`$", *p))
+ if (strchr(SHELL_NEED_ESCAPE, *p))
fputc('\\', f);
fputc(*p, f);
fputc('\\', f);
fputc(*p, f);
#define COMMENTS "#;"
#define GLOB_CHARS "*?["
#define COMMENTS "#;"
#define GLOB_CHARS "*?["
+/* What characters are special in the shell? */
+/* must be escaped outside and inside double-quotes */
+#define SHELL_NEED_ESCAPE "\"\\`$"
+/* can be escaped or double-quoted */
+#define SHELL_NEED_QUOTES SHELL_NEED_ESCAPE GLOB_CHARS "'()<>|&;"
+
#define FORMAT_BYTES_MAX 8
#define ANSI_HIGHLIGHT_ON "\x1B[1;39m"
#define FORMAT_BYTES_MAX 8
#define ANSI_HIGHLIGHT_ON "\x1B[1;39m"