Re: [PATCH v10 02/10] qemu-binfmt-conf.sh: enforce safe tests

[Eric Blake]

On 3/10/20 3:28 AM, Laurent Vivier wrote:
> Le 09/03/2020 à 20:19, Unai Martinez-Corral a écrit :
> > All the tests are prefixed with 'x', in order to avoid risky comparisons
> > (i.e. a user deliberately trying to provoke a syntax error).
>
> With the quotes I don't see how we can provoke a syntax error.
> Could you provide an example?

Historically, in some shells:

foo=\(
bar=\)
if [ "$foo" = "$bar" ]; then echo hello world; fi

could output 'hello world' (by parsing a parenthesized one-argument 
test, and the string '=' is non-empty), but:

if [ "x$foo" = "x$bar" ]; then echo goodbye; fi

did not (since no operator begins with 'x', you have guaranteed the 
syntax that [ will parse).  Similarly, if foo=! or foo=-a, you could get 
syntax errors (if [ tried to treat the expansion of $foo as an operator 
and got thrown off by the remaining arguments not matching an expected 
pattern).

These days, POSIX says that with three arguments when the 2nd is a 
binary operator, there is no ambiguity (the binary operator takes 
precedence over the ( and ) around the non-empty string test), and 
modern bash obeys the POSIX rule without needing the x prefix.  But it 
is still better to prefix with x for copy-paste portability to older 
shells that do not match current POSIX rules.

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org