David L Norris scribbled on 10/16/06 4:55 PM:
> On Mon, 2006-10-16 at 14:11 -0700, Peter Karman wrote:
>> yes, that's it. it uses isalnum(), which on my system at least (OS X) doesn't
>> match underscore.
> isalnum is equivalent to (isdigit || isalpha) which matches A-Z or a-z
> or 0-9 (or whatever characters are equivalent in the current locale).
>> Looks like it should check for _ and . at the very least. Probably - too.
>> Any others?
> Probably many characters and we'd undoubtedly miss some along the way.
> Like Bill says, it's just not safe to try to list which characters we
> want to trust. I think whatever we're doing in extprog.c we should be
> doing in filter.c.

well, extprog.c and filter.c both use popen() (as Bill said). Looking at the
code, the difference seems to be in how the command opts are parsed and
constructed. extprog.c has a much simpler task, since it has to be parsed just
once at runtime. filter.c has to deal with every single eligible file, and has
the multiple macros for expanding values, etc.

I think we might be over-thinking this. If the original issue that stringQuote()
was trying to address was simply that quotes in filenames cause problems, why
not just escape quotes, rather than trying to escape everything suspicious?

Peter Karman . http://peknet.com/ . peter(at)not-real.peknet.com
Received on Mon Oct 16 18:36:29 2006
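
The two approaches debated in this thread, as an added example that is not from the thread or from Swish-e's code: an isalnum() allowlist test, and POSIX single-quote wrapping of a filename before it is placed on a popen() command line. The helper names all_alnum and shell_single_quote and the sample filename are hypothetical, and a POSIX sh is assumed as the shell popen() invokes.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: 1 only if every byte passes isalnum(), the
 * allowlist test from the thread. In the C locale '_', '.', '-' fail. */
int all_alnum(const char *s)
{
    for (; *s; s++)
        if (!isalnum((unsigned char)*s))
            return 0;
    return 1;
}

/* Hypothetical helper: wrap s in single quotes for a POSIX sh command.
 * Inside '...' the shell takes every byte literally except ' itself,
 * so each ' becomes '\'' (close quote, escaped quote, reopen quote).
 * Returns a malloc()ed string the caller frees, or NULL on failure. */
char *shell_single_quote(const char *s)
{
    size_t n = 3;                    /* opening ', closing ', NUL */
    const char *p;
    char *out, *q;

    for (p = s; *p; p++)
        n += (*p == '\'') ? 4 : 1;
    out = q = malloc(n);
    if (out == NULL)
        return NULL;
    *q++ = '\'';
    for (p = s; *p; p++) {
        if (*p == '\'') {
            memcpy(q, "'\\''", 4);
            q += 4;
        } else {
            *q++ = *p;
        }
    }
    *q++ = '\'';
    *q = '\0';
    return out;
}

int main(void)
{
    const char *name = "it's my_file-v1.2.txt";  /* constructed sample */
    char *quoted = shell_single_quote(name);
    if (quoted == NULL)
        return 1;
    printf("all_alnum=%d quoted=%s\n", all_alnum(name), quoted);
    free(quoted);
    return 0;
}
```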