Path: csiph.com!weretis.net!feeder6.news.weretis.net!news.linkpendium.com!news.linkpendium.com!panix!usenet.stanford.edu!not-for-mail From: Sam Liddicott Newsgroups: gnu.bash.bug Subject: %q with truncating size loses safeness of %q Date: Fri, 17 Apr 2020 15:22:16 +0100 Lines: 42 Approved: bug-bash@gnu.org Message-ID: References: NNTP-Posting-Host: lists.gnu.org Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Trace: usenet.stanford.edu 1587133380 3106 209.51.188.17 (17 Apr 2020 14:23:00 GMT) X-Complaints-To: action@cs.stanford.edu To: bug-bash@gnu.org, bash@packages.debian.org Envelope-to: bug-bash@gnu.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=liddicott-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=nxCGmKtkIJiyPLw4NZOp9JDk6JxBfToN0SSfRUCKDuU=; b=D0FTXgwjdF5W09Ji3Xsibi/jl5ERBDuHv5mup8nyhfFdPZSR25YyGZgBDnY1ydR4wC DtqnGbRkmHV0InNLLb/vw+XTNiL0Adoimdm0szyIz8qLbsrESKKc0L4q3pWSkhXQLd6N Rij6zNhf7HP0qWrVd1W+kusENls57WHqRq2W2z9xoXbquGtc4DCl2gEnWzK1i8OdpL36 nYDJbXBqIqjRlcfuiXTC9xsKv5bsj87oH7wpgAcLlF6ZqJQL72fbdMKY5h8g8W15JWJg 9Cx1bro8z/S4Nk8nfPAQKsQD5q+L/YP/My6mgXt3wNltMZPAb0Cbq7SWqbjPKD9axFOk /o2w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=nxCGmKtkIJiyPLw4NZOp9JDk6JxBfToN0SSfRUCKDuU=; b=nybr043l1SYaLBnUEGOn2OVc65sD2BNbmnfd3lUmVLEhFbr4v7HF/P28ixg/Fx3VdQ z9xAjMKhE5xSphcysVS8KXox+rvtQZZCZsLn1IenKoJ1xOnYQxgSCA16SyCyuFRp3kYN IUWP/cIPa8y9dzxFcZBdTG+xonjVtZ+rm3HHBAnvVwIFOvOFaJjY5q3JwT/BKMk01oo+ zbGdXM1CcJkByeyCo+K4xN0pcRvleAaFWcHHgdR3dTRZMwq5D9ZRu5g3f+mXwWPA1pJg dgu2o6ZtRtdwl4X/WQroX0Bx/u7YTKrB/yVtb788yUTOg4w92GyN32wU7pjUKtld4m71 kSDA== X-Gm-Message-State: AGi0PuZ9oyd9+r8jXthv8iMDp3q7N+0g0vOBvwZ0IrCtreXxO/PLQEIP 0eXQdKkTQQwQOxit6OANuOn23pSpcssIYu3wR6B3jHSjkyU= X-Google-Smtp-Source: APiQypK+8B5rb9ngyZQYHNstAATFPnU/vH05NzCu+wFDYNG5b2+3liW+3cWNY3GdhAzEirhrilnRXeGZ/NabQeT47xg= X-Received: by 2002:ac2:420c:: with SMTP id y12mr2313546lfh.26.1587133373551; Fri, 17 Apr 2020 07:22:53 -0700 (PDT) X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::129 X-BeenThere: bug-bash@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Bug reports for the GNU Bourne Again SHell List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Mailman-Original-Message-ID: Xref: csiph.com gnu.bash.bug:16149 Configuration Information [Automatically generated, do not change]: Machine: x86_64 OS: linux-gnu Compiler: gcc Compilation CFLAGS: -DPROGRAM='bash' -DCONF_HOSTTYPE='x86_64' -DCONF_OSTYPE='linux-gnu' -DCONF_MACHTYPE='x86_64-pc-linux-gnu' -DCONF_VENDOR='pc' -DLOCALEDIR='/usr/share/locale' -DPACKAGE='bash' -DSHELL -DHAVE_CONFIG_H -I. -I../. -I.././include -I.././lib -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 -fdebug-prefix-map=/build/bash-N2nMjo/bash-4.4.18=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -Wno-parentheses -Wno-format-security uname output: Linux sojojojo 5.3.0-46-generic #38~18.04.1-Ubuntu SMP Tue Mar 31 04:17:56 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux Machine Type: x86_64-pc-linux-gnu Bash Version: 4.4 Patch Level: 20 Release Status: release Also occurs on 5.0.7(1)-release Description: printf %q with a truncating size will emit partially escaped sequence thus losing the safety and composability that %q is intended to provide. Repeat-By: $ printf 'echo %.2q%q\n' "a'b" ';ls' echo a\\;ls The semi-colon is no longer escaped, the expectation of the %q formatter is lost Fix: If it the escape sequence that is to be limited in size, then it should avoid emitting a partial sequence If the product of the sequence is to be limited in size, then the truncating size quantifer should apply to the input, so that it will emit output which will produce a value of the specified length