help-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-bash] Performing quote removal on data


From: Greg Wooledge
Subject: Re: [Help-bash] Performing quote removal on data
Date: Wed, 28 May 2014 15:40:49 -0400
User-agent: Mutt/1.4.2.3i

> > On May 28, 2014 1:54 AM, "Maarten Billemont" <address@hidden> wrote:
> > > Suppose you have a variable whose value contains bash-escapes and quotes,
> > > and you need to perform the operations bash would perform on that string
> > > to turn it into a literal word.
> > >
> > > var=?foo\ bar/?

Ugh, stupid quotes?

> > > How would you proceed to get the literal ?foo bar/? out of that,

eval

> > > in a safe way (ie. perform just pathname expansion and quote removal,
> > > maybe even word splitting but that taking into account the quoted
> > > whitespace)?  Specifically, I do NOT want any risk of performing command
> > > execution or any other expansions on the data (eg. ?foo $(rm -rf ~)/?

Oh.  So you want to do an eval on user-supplied code, but you don't want
to ever run any commands other than variable assignments?

Maybe you could set resource limits in such a way that fork() would
become impossible?  Might be OS-specific.  Make sure you either do so
in a subshell, or that you have a way to restore the limits afterward.

Short of modifying bash to add shopts to disable command substitutions
at will, or writing a full-blown bash parser in bash, I don't think
there's any other way to make eval-able code safe to eval.

I actually think "shopt -s nocmdsubs" or similar might be a useful
feature, but I won't try to implement it.  Also, there's still another
problem: what prevents the malicious user from sticking "shopt -u ..."
in front of the command substitution?  Then you'd need to make the
"shopt -s nocmdsubs" irreversible, which means you'd still need to do
it all in a subshell, and communicate the results back to the parent
somehow.  It's quite a mess.

(For that matter, if a "no forking" resource limit is reversible, then
you have the same problem!  Ugh....)



reply via email to

[Prev in Thread] Current Thread [Next in Thread]