Re: tokenize honoring quotes

help-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: tokenize honoring quotes

From:	Robert E. Griffith
Subject:	Re: tokenize honoring quotes
Date:	Fri, 5 Aug 2022 15:54:19 -0400
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0

Boy, eval quoting kind of bends my mind. When I first looked at it I thought "that cant be right" but now I see it. What if I need to avoidarbitrary code execution like ..


   str='echo "hello $(ls >/dev/tty) World"'

Is there anything without using eval? I played around with passing itthrough printf's %q but that renders the whole string escaped so itbecome just one token again.


--BobG

On 8/5/22 14:32, Chet Ramey wrote:

Some variant of this:

str='echo "hello world"'

declare -a a
eval a=\( "$str" \)

declare -p a

[Prev in Thread]

Current Thread

[Next in Thread]

tokenize honoring quotes, Robert E. Griffith, 2022/08/05
- Re: tokenize honoring quotes, Chet Ramey, 2022/08/05
  - Re: tokenize honoring quotes, Robert E. Griffith <=
    - Re: tokenize honoring quotes, Chet Ramey, 2022/08/05
  - Re: tokenize honoring quotes, Greg Wooledge, 2022/08/05
- Re: tokenize honoring quotes, Koichi Murase, 2022/08/05
  - Re: tokenize honoring quotes, Chet Ramey, 2022/08/05
  - Re: tokenize honoring quotes, Robert E. Griffith, 2022/08/05
    - Re: tokenize honoring quotes, Koichi Murase, 2022/08/05
    - Message not available
    - Re: tokenize honoring quotes, Koichi Murase, 2022/08/05
    - Re: tokenize honoring quotes, Koichi Murase, 2022/08/05

Prev by Date: Re: tokenize honoring quotes
Next by Date: Re: tokenize honoring quotes
Previous by thread: Re: tokenize honoring quotes
Next by thread: Re: tokenize honoring quotes
Index(es):
- Date
- Thread