Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #14657
| From | L A Walsh <bash@tlinx.org> |
|---|---|
| Newsgroups | gnu.bash.bug |
| Subject | Re: bash sockets: printf \x0a does TCP fragmentation |
| Date | 2018-09-25 05:15 -0700 |
| Message-ID | <mailman.1292.1537877720.1284.bug-bash@gnu.org> (permalink) |
| References | <c6de6616-dda0-570d-de56-419e7676be8a@cbii-hh.de> <20180921231101307758654@bob.proulx.com> <714e1ba0-0052-2f2b-676d-778f2b7129c1@testssl.sh> <20180924130533.4ufaxypoelta6f7n@eeg.ccf.org> |
On 9/24/2018 6:05 AM, Greg Wooledge wrote:
> On Sat, Sep 22, 2018 at 11:50:17AM +0200, dirk+bash@testssl.sh wrote:
>
>> On 9/22/18 7:30 AM, Bob Proulx wrote:
>>
>>> dirk+bash@testssl.sh wrote:
>>>
>>>> printf -- "$data" >&5 2>/dev/null
>>>>
>>> What happens if $data contains % format strings? What happens if the
>>> format contains a sequence such as \c? This looks problematic. This
>>> is not a safe programming proctice.
>>>
>
> Looking ONLY at this one line, there is an obvious bug, which Bob has
> pointed out. It should be
>
> printf %s "$data" >&5 2>/dev/null
>
----
This brings to mind a consideration:
As %s says to print a string of data (presumably not
including a NUL byte), then what happens if "$data" is
a paragraph of text with embedded newlines. In that case,
it sounds like bash might break apart the single printf
output into smaller packets rather than transmitting the
entirety of "$data" in 1 write (presuming it is less than
the maximum data size for a network packet).
Also, if you want to flush the data out at the end, it seems
"%s\n" would be required to force out the last line of text if
it wasn't nl terminated.
> That is utterly horrifying.
>
---
Hmmm....I didn't realize how sensitive some sensibilities were...
:-)
Back to gnu.bash.bug | Previous | Next | Find similar | Unroll thread
Re: bash sockets: printf \x0a does TCP fragmentation L A Walsh <bash@tlinx.org> - 2018-09-25 05:15 -0700
csiph-web