<tt>Eric Blake <eblake@redhat.com> wrote on 09/24/2010 06:16:35 PM: > On 09/24/2010 02:22 PM, Stefan Berger wrote: > > I just tried the TCK test without and with double-escaping in libvirtd > > and double-escaping does seem to be necessary otherwise `ls` and $(ls) > > do get executed and their results end up in the comment. The spaces > > are preserved, though, so I can revert the change to IFS. > > Hmm. > > > "res=`eval \"$cmd\"" CMD_SEPARATOR > > > + virBufferVSprintf(buf, > > + " -m comment --comment \\\"%s\\\"", > > + cmt); > > Thinking about it more: > [...] > > My suggestion is to assign cmd using '' rather than "" (fewer things to > quote), as well as moving the eval outside of the `` (so it becomes > obvious which \ are interpreted by eval rather than by ``: > > cmd='iptables -m comment --comment '\''user $comment'\'' > eval res=\`"$cmd"\` > res=`iptables -m comment --comment 'user $comment'` > > And the nice part of that is the implementation: > > virBufferVSprintf(buf, " -m comment --comment '%s'", > escapeSingleQuotes(user_comment)); > > virBufferVSprintf(cmd, "cmd='%s'\nres=\\`\"$cmd\"\\`", > escapeSingleQuotes(buf)); > </tt> <tt>Also I followed this. I had to write it like this here to reflect what you wrote further above:</tt> <tt>virBufferVSprintf(buf, " -m comment --comment '\''%s'\''", shellEscapeString(user_comment)); </tt> <tt>and shellEscapeString() needs to escape ' as well as `, otherwise I can execute commands.</tt> <tt>Thanks for the help.</tt> <tt>> > On further thought, gnulib might be doing: > > #define strchr rpl_strchr > > on platforms where strchr is broken, so using #undef strchr is too > risky. So I'd recommend sticking with (strchr)(a, b), which still works > if gnulib has to replace a broken strchr.</tt> <tt>Ok. This also works. Wished they left a note in the man pages about this... </tt> <tt> Stefan</tt>