[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] md5sum, sha*sum: only escape file names containing newlines

From: Eric Blake
Subject: Re: [PATCH] md5sum, sha*sum: only escape file names containing newlines
Date: Fri, 01 Nov 2013 12:20:26 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0

On 11/01/2013 11:03 AM, Pádraig Brady wrote:

>> Escape the output (marking with a leading '\' and backslash-escaping
>> both '\' and '\n') only when the file name contains a newline.
>> Before, we would do that for a file name containing either newline or 
>> backslash.
>> This probably deserves a NEWS entry, since it is user-visible.
> I debated that as I thought it could have no impact on anything,
> but it could actually if one was comparing old and new outputs?
> newsum=$(md5sum my file set | md5sum)
> [ "$newsum" = "$(cat ./oldsum)" ] || error

Not just that, but the new format is not necessarily parseable by older
md*sum.  Your patch didn't show (but probably should be enhanced) what
happens for a file named 'a\nb'; pre-patch, it gave '\sum  a\\nb',
post-patch it gives 'sum  a\nb' - but if the older utility assumes that
the missing leading \ was a mistake and unescapes the file name, it
results in looking for a file as 3 three-byte name "a<newline>b", which
is also part of the user-visible change.

Breaking output so that older versions can't parse newer output has been
one of the reasons that I have only threatened to patch \r handling,
rather than actually doing it, because it's tricky to think about
old/new interactions and what might break.  Depending on how
conservative we are trying to be, we may need to add a command line
option that will let the user forcefully revert to the older-style
output for intentional interaction with older checksum tools regardless
of filename.  For 99% of the cases, the output is identical, since files
with \n or \\ in the name are already rare.  Thinking aloud, it may be
appropriate to have such a mode option be tri-state (old, new, or warn;
with default being warn), where the warning mode gives the new output
but ALSO flags to the user that their output may not be parseable by
older summing utilities.

Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]