On 09/06/2018 04:47 AM, Joshua Phillips wrote:
This could be quite dangerous if programs are double-escaping commands to be passed to e.g. SSH through dash.
Moral of the story - DON'T EVER USE ECHO if you are trying to output a string containing \ or a leading -. Use printf instead. Even POSIX recommends that.
-- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3266 Virtualization: qemu.org | libvirt.org
