Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #16160
| Path | csiph.com!5.us.feeder.erje.net!feeder.erje.net!news.linkpendium.com!news.linkpendium.com!panix!usenet.stanford.edu!not-for-mail |
|---|---|
| From | Sam Liddicott <sam@liddicott.com> |
| Newsgroups | gnu.bash.bug |
| Subject | Re: %q with truncating size loses safeness of %q |
| Date | Fri, 17 Apr 2020 21:38:56 +0100 |
| Lines | 40 |
| Approved | bug-bash@gnu.org |
| Message-ID | <mailman.546.1587155961.3066.bug-bash@gnu.org> (permalink) |
| References | <CAOj-5WCqxqh=Gcda9k6y4orQaQYXPgsOgNEOVN1AdZQrkCVbtg@mail.gmail.com> <4bacf2f0-9802-67d3-f30b-80e37d058a4a@case.edu> <CAOj-5WAM4c38uJ4kWb-=_4qx_2umkHYVyWOGhPAac-ASNZqw4Q@mail.gmail.com> |
| NNTP-Posting-Host | lists.gnu.org |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset="UTF-8" |
| X-Trace | usenet.stanford.edu 1587155962 16109 209.51.188.17 (17 Apr 2020 20:39:22 GMT) |
| X-Complaints-To | action@cs.stanford.edu |
| Cc | bug-bash@gnu.org, bash@packages.debian.org |
| To | Chester Ramey <chet.ramey@case.edu> |
| Envelope-to | bug-bash@gnu.org |
| DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=liddicott-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ofbYOu8u+rmKBESl/HYz9HPn1NhXB48IIXRRnZwboks=; b=Y/kKuXJFr8JgiJiuS05V4bp1Sb0lDQkGH/92OIKoX70wPImGU3j2UjsHKtpmtzXPqS nVaVaBMk/YsqHM4cLG8njDX3Z6NLNdHq6JhaNTDSccgwnemiMeUmi3Au2VFiY9a9iDsi CnxbucdkHuf96WW7Kl/ktcMt1zklNL1+BJg5HwuA2ShYW6J+DC3MuTAm13d/s+0klKPW fwZ9N69mScrXabZxhJer0iUMyZlW/lav3H3fgLcEMB0kxeW24yvKevcW6pYvE0nmtFUz Bss6bMLMWppSPBDne6Baa6qc/7/LsUA7sUoesSKKmIcBFjy2+dm2pLTbx8b4p4L0UKAJ 6wRQ== |
| X-Google-DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ofbYOu8u+rmKBESl/HYz9HPn1NhXB48IIXRRnZwboks=; b=RhluGYr8bxrxszboraMhOOBpTUk/i0mVVQh/VqiMwLMtc1h/tTwuFHvy4LSDHuuWcS x6ECI9RDk6SlHZVRQi/mm8eqr9oN3e9AeDIdEwNMK5rwdo/C2mqbFvmklQvY4X0uHY/x m2z7EJ1OvUkD7tV6q5V2DA9SM9/tf2FOm52PIXMddgvMjBHb7eUh6P6hWMuuko1f9UWM XaFSXi/uUONMs8kignbYaTd6QSC5RBGCg8F6VPqVP/amuAzLPikpifwzb8nMY7R6zYcS IAf5IBgOFEgzFiAjklxND7kfEhq6kUD+lVvqSF4Eq6rpGfiKfP/uXaVejdsOjtIcyK4d atEQ== |
| X-Gm-Message-State | AGi0Pub/kWS3aWtbbLAVIvoh2vgy+SpyO697hypH23/MkLBXAHNW21/x gWdFALjpXIgGUxp6MhTc8nMIjMo8+nMFZNWn8UeE9Q== |
| X-Google-Smtp-Source | APiQypKBV3e7M3OyZCbFULwGF3Dy/qqQ+5cmLROHQFtmaF/d4oGcO1tWCQAB7y7QXny8cVlF5L4w8lH65/WZn/5CPyk= |
| X-Received | by 2002:a19:992:: with SMTP id 140mr3250273lfj.41.1587155949332; Fri, 17 Apr 2020 13:39:09 -0700 (PDT) |
| In-Reply-To | <4bacf2f0-9802-67d3-f30b-80e37d058a4a@case.edu> |
| X-detected-operating-system | by eggs.gnu.org: Genre and OS details not recognized. |
| X-Received-From | 2a00:1450:4864:20::134 |
| X-Content-Filtered-By | Mailman/MimeDel 2.1.23 |
| X-BeenThere | bug-bash@gnu.org |
| X-Mailman-Version | 2.1.23 |
| Precedence | list |
| List-Id | Bug reports for the GNU Bourne Again SHell <bug-bash.gnu.org> |
| List-Unsubscribe | <https://lists.gnu.org/mailman/options/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=unsubscribe> |
| List-Archive | <https://lists.gnu.org/archive/html/bug-bash> |
| List-Post | <mailto:bug-bash@gnu.org> |
| List-Help | <mailto:bug-bash-request@gnu.org?subject=help> |
| List-Subscribe | <https://lists.gnu.org/mailman/listinfo/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=subscribe> |
| X-Mailman-Original-Message-ID | <CAOj-5WAM4c38uJ4kWb-=_4qx_2umkHYVyWOGhPAac-ASNZqw4Q@mail.gmail.com> |
| X-Mailman-Original-References | <CAOj-5WCqxqh=Gcda9k6y4orQaQYXPgsOgNEOVN1AdZQrkCVbtg@mail.gmail.com> <4bacf2f0-9802-67d3-f30b-80e37d058a4a@case.edu> |
| Xref | csiph.com gnu.bash.bug:16160 |
Show key headers only | View raw
So is it to be "fixed" in the documentation with a warning that truncating-size specifiers for %q may nullify the safety benefits for which it is used? Sam On Fri, 17 Apr 2020, 21:12 Chet Ramey, <chet.ramey@case.edu> wrote: > On 4/17/20 10:22 AM, Sam Liddicott wrote: > > > Bash Version: 4.4 > > Patch Level: 20 > > Release Status: release > > > > Also occurs on 5.0.7(1)-release > > > > Description: > > printf %q with a truncating size will emit partially escaped > > sequence thus losing the safety and composability that %q > > is intended to provide. > > > > Repeat-By: > > $ printf 'echo %.2q%q\n' "a'b" ';ls' > > echo a\\;ls > > The semi-colon is no longer escaped, the expectation of > > the %q formatter is lost > > I would say this is a programmer error. The way precisions work with > string arguments is that the argument is fetched or generated (this > includes generating the quoted string for %q or the expanded string for > %b) and then printf writes number of bytes (!) from that generated string > specified by the precision. > > Chet > > -- > ``The lyf so short, the craft so long to lerne.'' - Chaucer > ``Ars longa, vita brevis'' - Hippocrates > Chet Ramey, UTech, CWRU chet@case.edu http://tiswww.cwru.edu/~chet/ >
Back to gnu.bash.bug | Previous | Next | Find similar
Re: %q with truncating size loses safeness of %q Sam Liddicott <sam@liddicott.com> - 2020-04-17 21:38 +0100
csiph-web