Path: csiph.com!xmission!news.snarked.org!news.linkpendium.com!news.linkpendium.com!panix!usenet.stanford.edu!not-for-mail From: Greg Wooledge Newsgroups: gnu.bash.bug Subject: Re: bash sockets: printf \x0a does TCP fragmentation Date: Mon, 24 Sep 2018 09:05:33 -0400 Lines: 22 Approved: bug-bash@gnu.org Message-ID: References: <20180921231101307758654@bob.proulx.com> <714e1ba0-0052-2f2b-676d-778f2b7129c1@testssl.sh> NNTP-Posting-Host: lists.gnu.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: usenet.stanford.edu 1537794758 24661 208.118.235.17 (24 Sep 2018 13:12:38 GMT) X-Complaints-To: action@cs.stanford.edu To: bug-bash@gnu.org Envelope-to: bug-bash@gnu.org Mail-Followup-To: bug-bash@gnu.org Content-Disposition: inline In-Reply-To: <714e1ba0-0052-2f2b-676d-778f2b7129c1@testssl.sh> User-Agent: NeoMutt/20170113 (1.7.2) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 139.137.100.1 X-BeenThere: bug-bash@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Bug reports for the GNU Bourne Again SHell List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Xref: csiph.com gnu.bash.bug:14652 On Sat, Sep 22, 2018 at 11:50:17AM +0200, dirk+bash@testssl.sh wrote: > On 9/22/18 7:30 AM, Bob Proulx wrote: > > dirk+bash@testssl.sh wrote: > >> printf -- "$data" >&5 2>/dev/null > > > > What happens if $data contains % format strings? What happens if the > > format contains a sequence such as \c? This looks problematic. This > > is not a safe programming proctice. Looking ONLY at this one line, there is an obvious bug, which Bob has pointed out. It should be printf %s "$data" >&5 2>/dev/null > I doubt you can judge on this by just looking at a single line > of code -- the project has > 18k LoC in bash. That is utterly horrifying. I have no comments on the buffering issues. Those have already been covered.