On Sat, Aug 04, 2012 at 04:42:10PM +0100, Pádraig Brady wrote: > There was a recent change in df in coreutils to sanitize output of paths: > > http://git.sv.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=3ed70fd Thanks! > The essential issue fixed there is that control chars in a path will be > converted to '?' (this works in all locales), and doing so will mean > '\n' for example is not output. You could even consider this a potential > security improvement so that arbitrary users couldn't influence the > output of these commands for all users. > > I suggest using the simple inplace replacement function from above. All our new utils (based on lib/tt.c) already uses hex encoding for ascii non-printable when export mode (e.g. findmnt -P) or blank chars when raw mode (e.g. findmnt -r) is specified. The default output does not escape problematic chars :-( I'll fix it to use iscntrl() and \x?? hex (to be consistent our another outputs). Karel -- Karel Zak <kzak@xxxxxxxxxx> http://karelzak.blogspot.com -- To unsubscribe from this list: send the line "unsubscribe util-linux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
