[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Detecting an opening { and a closing } in a variable
|
From: |
Greg Wooledge |
|
Subject: |
Re: Detecting an opening { and a closing } in a variable |
|
Date: |
Mon, 30 May 2022 14:16:36 -0400 |
On Mon, May 30, 2022 at 05:00:07PM +0000, goncholden via wrote:
> How can I detect an opening { and a closing } in variables such as
>
> "\*.{cp,cpp,f90,f95,f03,f08}"
Literal answer:
if [[ $var = *{*}* ]]; then
echo "this variable has a { and a } and they're in the right order"
fi
Real answer:
What are you trying to do?
It looks like you're trying to prompt a user for terminal input which
will be treated as a glob, but is also allowed to be a brace expansion
which generates a list of globs.
What you intend to do with these globs is unclear, but I'm betting it
will involved an unquoted variable expansion leading to a cascade of
pathname expansions.
So, it sounds like you want to *parse* the brace expansion and create
a list of globs just as the shell does.
The naive answer to that is "let the shell do it". You have eval. This
is what it's for.
This becomes especially true if you want to allow nested brace expansions.
Which I'm sure you do, because
21. If^H^HWhen the newbie's question is ambiguous, the proper
interpretation will be whichever one makes the problem the hardest
to solve.
If you want to be fancy, you could try to prevent the end user's input
from causing code injections when you eval it. This could end up anywhere
from tricky to nightmare.
So, you need to step back a bit and look at the whole picture. Is this
program running in a security context in which code injections *matter*?
Or is it something like a dumb function that the user is invoking for
their own personal use, in their own interactive shell?
If it's the latter, then don't break your neck doing backflips trying to
secure eval against all possible code injections. Tell the user (yourself)
not to do dumb-ass things.