tramp-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] Guard against random bash bug

From: Michael Albinus
Subject: Re: [PATCH] Guard against random bash bug
Date: Wed, 14 Dec 2016 21:46:16 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux) 
Dominique Quatravaux <address@hidden> writes:

Hi Dominique,

> It turns out that when a="Foo Bar",
>
>   export b=$a
>
> does what we want, but
>
>   export $b=$a
>
> doesn't, regardless of the value of b.

Thanks for the report!

> diff --git a/lisp/tramp-sh.el b/lisp/tramp-sh.el
> index 419dccb..b45cf29 100644
> --- a/lisp/tramp-sh.el
> +++ b/lisp/tramp-sh.el
> @@ -4201,7 +4201,7 @@ process to set up.  VEC specifies the connection."
>       (when vars
>       (tramp-send-command
>        vec
> -      (format "while read var val; do export $var=$val; done <<'%s'\n%s\n%s"
> +      (format "while read var val; do export $var=\"$val\"; done 
> <<'%s'\n%s\n%s"
>                tramp-end-of-heredoc
>                (mapconcat 'identity vars "\n")
>                tramp-end-of-heredoc)

Well, I'm not in favor to embed $val with double quotation marks. $val
itself could be '' (two single quotation marks), telling us "the empty
string". With your patch, '' would be taken literally.

Instead, I prefer the following patch:

--8<---------------cut here---------------start------------->8---
*** 
/home/albinus/src/tramp/lisp/tramp-sh.el.~2146f5850aef5a4abcbb97178114f82f251cf70c~
 2016-12-14 21:39:22.073812497 +0100
--- /home/albinus/src/tramp/lisp/tramp-sh.el    2016-12-14 21:39:07.520363653 
+0100
***************
*** 4196,4207 ****
        (setq item (split-string item "=" 'omit))
        (setcdr item (mapconcat 'identity (cdr item) "="))
        (if (and (stringp (cdr item)) (not (string-equal (cdr item) "")))
!           (push (format "%s %s" (car item) (cdr item)) vars)
          (push (car item) unset)))
        (when vars
        (tramp-send-command
         vec
!        (format "while read var val; do export $var=$val; done <<'%s'\n%s\n%s"
                 tramp-end-of-heredoc
                 (mapconcat 'identity vars "\n")
                 tramp-end-of-heredoc)
--- 4196,4210 ----
        (setq item (split-string item "=" 'omit))
        (setcdr item (mapconcat 'identity (cdr item) "="))
        (if (and (stringp (cdr item)) (not (string-equal (cdr item) "")))
!           (push
!            (format
!             "export %s=%s" (car item) (tramp-shell-quote-argument (cdr item)))
!            vars)
          (push (car item) unset)))
        (when vars
        (tramp-send-command
         vec
!        (format "while read -r var; do eval $var; done <<'%s'\n%s\n%s"
                 tramp-end-of-heredoc
                 (mapconcat 'identity vars "\n")
                 tramp-end-of-heredoc)
--8<---------------cut here---------------end--------------->8---

Does this work for you?

Best regards, Michael.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]