|
From: | Eric Blake |
Subject: | Re: [PATCH v10 02/10] qemu-binfmt-conf.sh: enforce safe tests |
Date: | Tue, 10 Mar 2020 06:47:20 -0500 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 |
On 3/10/20 3:28 AM, Laurent Vivier wrote:
Le 09/03/2020 à 20:19, Unai Martinez-Corral a écrit :All the tests are prefixed with 'x', in order to avoid risky comparisons (i.e. a user deliberately trying to provoke a syntax error).With the quotes I don't see how we can provoke a syntax error. Could you provide an example?
Historically, in some shells: foo=\( bar=\) if [ "$foo" = "$bar" ]; then echo hello world; ficould output 'hello world' (by parsing a parenthesized one-argument test, and the string '=' is non-empty), but:
if [ "x$foo" = "x$bar" ]; then echo goodbye; fidid not (since no operator begins with 'x', you have guaranteed the syntax that [ will parse). Similarly, if foo=! or foo=-a, you could get syntax errors (if [ tried to treat the expansion of $foo as an operator and got thrown off by the remaining arguments not matching an expected pattern).
These days, POSIX says that with three arguments when the 2nd is a binary operator, there is no ambiguity (the binary operator takes precedence over the ( and ) around the non-empty string test), and modern bash obeys the POSIX rule without needing the x prefix. But it is still better to prefix with x for copy-paste portability to older shells that do not match current POSIX rules.
-- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3226 Virtualization: qemu.org | libvirt.org
[Prev in Thread] | Current Thread | [Next in Thread] |