[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: fixes for whitespace in `pwd`
From: |
Jim Meyering |
Subject: |
Re: fixes for whitespace in `pwd` |
Date: |
Fri, 30 Nov 2007 13:48:45 +0100 |
Ralf Wildenhues <address@hidden> wrote:
> Please consider this patch to fix some quoting errors for whitespace in
> the build dir name.
>
> There seems to be at least one more instance, in
> tests/misc/ls-misc: the command starting with
> | system (qq(touch setuid && chmod u+s setuid && $test -u setuid &
>
> looks like all instances of $test in there need escaping/quoting.
> I'm not brave enough to try the test as empowered user, though.
Thanks, Ralf.
However, that is not a problem, because a check in
the CuTmpdir module makes us skip the whole test when
the build directory is suspicious:
$ pwd
/t/a b/cu
$ cd tests/misc && make check TESTS=ls-misc >& /dev/null
$ tail -1 ls-misc.log
-: skipping test: unsafe working directory name
Note the "-:" which should be "test_name:". I've just fixed that, too.]
In spite of that, I've changed it to add quotes, just in case:
Be extra careful to quote $abs_top_builddir-derived names.
* tests/misc/ls-misc (shell_quote): New function.
Use it to quote file names derived from $abs_top_builddir,
in case it contains shell meta-characters. This is not currently
needed, since CuTmpdir detects the fishy name and skips the test.
But it's important enough to add the extra protection.
Reported by Ralf Wildenhues.
diff --git a/tests/misc/ls-misc b/tests/misc/ls-misc
index 520c503..1e4f327 100755
--- a/tests/misc/ls-misc
+++ b/tests/misc/ls-misc
@@ -35,9 +35,24 @@ use strict;
# Turn off localisation of executable's ouput.
@ENV{qw(LANGUAGE LANG LC_ALL)} = ('C') x 3;
+# If the string $S is a well-behaved file name, simply return it.
+# If it contains white space, quotes, etc., quote it, and return the new
string.
+sub shell_quote($)
+{
+ my ($s) = @_;
+ if ($s =~ m![^\w+/.,-]!)
+ {
+ # Convert each single quote to '\''
+ $s =~ s/\'/\'\\\'\'/g;
+ # Then single quote the string.
+ $s = "'$s'";
+ }
+ return $s;
+}
+
# Set up files used by the setuid-etc tests; skip this entire test if
# that cannot be done.
-my $test = "$ENV{abs_top_builddir}/src/test";
+my $test = shell_quote "$ENV{abs_top_builddir}/src/test";
system (qq(touch setuid && chmod u+s setuid && $test -u setuid &&
touch setgid && chmod g+s setgid && $test -g setgid &&
mkdir sticky && chmod +t sticky && $test -k sticky &&
--
1.5.3.6.970.gd25430