On Sun, Aug 31, 2008 at 12:27 PM, Junio C Hamano <gitster@xxxxxxxxx> wrote:
> merlyn@xxxxxxxxxxxxxx (Randal L. Schwartz) writes:
>
>>>>>>> "Avery" == Avery Pennarun <apenwarr@xxxxxxxxx> writes:
>>
>> Avery> Shell quoting is a disaster (including security holes, where relevant)
>> Avery> waiting to happen. The above is the only sane way to do it, and it
>> Avery> isn't very hard to implement. (Instead of system() in the subprocess,
>> Avery> you can use exec().)
>>
>> quotemeta() is about regex quoting. This is not precisely the same as shell
>> quoting, and is both misleading, and potentially broken.
>
> Agreed to, and grateful for, both of your comments.
>
> Do you like the one Jakub quoted from how gitweb does it? It looks like
> this:
>
> # quote the given arguments for passing them to the shell
> # quote_command("command", "arg 1", "arg with ' and ! characters")
> # => "'command' 'arg 1' 'arg with '\'' and '\!' characters'"
> # Try to avoid using this function wherever possible.
> sub quote_command {
>     return join(' ',
>         map( { my $a = $_; $a =~ s/(['!])/'\\$1'/g; "'$a'" } @_ ));
> }

No, that's just another feeble attempt at quoting, which may or may not be
correct. I'm not smart enough to tell.

I have a proper implementation in the 'runlock' script in gitbuilder:

http://github.com/apenwarr/gitbuilder/tree/master/runlock

In that particular case, I wanted to handle signals carefully, so I needed
the manual fork thing even in perl 5.8. You can safely remove the signal
handling stuff (and of course the lockfile stuff) if you just want a minimal
safe fork-exec-wait implementation in perl.

Have fun,

Avery
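The two approaches contrasted in this thread, as an added example that is not part of the original messages or of gitweb/gitbuilder: a Python port of the quoted gitweb quote_command (assumed to mirror its regex exactly), beside a minimal fork/exec/wait that passes argv as a list so no shell parses it. The sample argument is constructed; the example assumes a POSIX host with os.fork available.

```python
import os
import re
import sys

# Constructed sample argument: contains the characters a shell would
# otherwise interpret (single quote, history '!', variable, separator).
HOSTILE_ARG = "arg with ' and ! characters; echo $HOME"


def quote_command(*args):
    """Python port of the gitweb quote_command quoted in the thread.

    Each argument is wrapped in single quotes; an embedded ' or ! is
    handled by closing the quote, emitting \\' or \\!, and reopening it.
    Only use this when a shell command string is unavoidable.
    """
    out = []
    for a in args:
        a = re.sub(r"(['!])", r"'\\\1'", a)
        out.append("'" + a + "'")
    return " ".join(out)


def run_no_shell(argv):
    """Minimal fork/exec/wait, the approach recommended in the thread:
    argv reaches execvp as a list, so no shell parses it and no quoting
    is needed.  Returns the child's exit code, or -signal if killed."""
    pid = os.fork()
    if pid == 0:                      # child
        try:
            os.execvp(argv[0], argv)
        finally:
            os._exit(127)             # exec failed; never fall back into parent code
    _, status = os.waitpid(pid, 0)    # parent
    if os.WIFEXITED(status):
        return os.WEXITSTATUS(status)
    return -os.WTERMSIG(status)


def argument_arrives_verbatim(arg):
    """Spawn a child Python that exits 0 only if sys.argv[1] is exactly `arg`.
    The expected value is baked into the child's source via repr(), while
    the real value travels through argv untouched by any shell."""
    child_src = "import sys; sys.exit(0 if sys.argv[1] == %r else 3)" % arg
    return run_no_shell([sys.executable, "-c", child_src, arg]) == 0


if __name__ == "__main__":
    print(quote_command("command", "arg 1", HOSTILE_ARG))
    print("verbatim:", argument_arrives_verbatim(HOSTILE_ARG))
```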