[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: gnulib-tool.py: Quote file names passed to 'patch'.
From: |
Bruno Haible |
Subject: |
Re: gnulib-tool.py: Quote file names passed to 'patch'. |
Date: |
Thu, 02 May 2024 11:13:51 +0200 |
Collin Funk wrote:
> I noticed that the file names when running 'patch' on test-driver
> weren't quoted. I guess that would cause problems in practice if you
> used spaces in directories
Indeed. Thanks for fixing that!
> Since we assume POSIX shells we can just use shlex.quote() to deal
> with any theoretical shell injections too [1].
Yes, I agree. We don't need to write the equivalent of module 'sh-quote'
in Python, when it already exists.
Bruno