[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #54236] Leftover extra chars after C1 control's tty sanitization
From: |
Bernhard Voelker |
Subject: |
[bug #54236] Leftover extra chars after C1 control's tty sanitization |
Date: |
Wed, 4 Jul 2018 19:59:29 -0400 (EDT) |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0 |
Update of bug #54236 (project findutils):
Status: None => Confirmed
_______________________________________________________
Follow-up Comment #1:
To be on the safe side, file names have to be quoted when writing to a
terminal.
----------------->8-----------------
diff --git a/find/parser.c b/find/parser.c
index d6621506..6cf4199a 100644
--- a/find/parser.c
+++ b/find/parser.c
@@ -3400,6 +3400,10 @@ open_output_file (const char *path, struct format_val
*p)
}
p->dest_is_tty = stream_is_tty (p->stream);
+
+ /* Fall back to a safer quoting style if writing to a terminal. */
+ if (p->dest_is_tty)
+ set_quoting_style (p->quote_opts, shell_escape_quoting_style);
}
static void
-----------------8<------------------
On a terminal, this leads to
$ find
.
'./alert'$'\302\233\302\233\302\233\302\233\302\233\302\233\302\233\302\233\033''[31mred'
like newer ls(1) does, and still would be printed literally otherwise:
$ find | od -tx1z
0000000 2e 0a 2e 2f 61 6c 65 72 74 c2 9b c2 9b c2 9b c2 >.../alert.......<
0000020 9b c2 9b c2 9b c2 9b c2 9b 1b 5b 33 31 6d 72 65 >..........[31mre<
0000040 64 0a >d.<
0000042
@James: I'm afraid that we'll run into the same discussions as
in coreutils' ls wrt/ the default quoting style on a terminal.
But hey, it's for security which should have precedence.
WDYT?
Have a nice day,
Berny
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?54236>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/