[Libguestfs] [PATCH nbdkit 3/4] common: Move a utility function to a common directory.

[Eric Blake]

On 2/19/19 1:49 AM, Richard W.M. Jones wrote:
> From: "Richard W.M. Jones" <rjones at redhat.com>
> 
> The shell_quote function is moved to a new common/utils directory.
> Eventually more utility functions can be created here.
> 
> This change is pure refactoring.

Indeed, so no problem with the patch as-is, but you may have a
low-priority latent bug (here and in libguestfs) to address in a
separate patch:

> +/* Print str to fp, shell quoting if necessary.  This comes from
> + * libguestfs, but was written by me so I'm relicensing it to a BSD
> + * license for nbdkit.
> + */
> +void
> +shell_quote (const char *str, FILE *fp)
> +{
> +  const char *safe_chars =
> +    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_=,:/";

'=' is not always a safe shell character.  Consider:

$ echo echo hi > a=b
$ chmod +x a=b
$ (PATH=$PATH:; 'a=b')
hi

(I used the subshell to force a PATH lookup in the current directory,
since not everyone's PATH has that by default.) That is, adding quotes
around a string containing = determines whether that string can operate
as a variable assignment or as a program name.

Then, there's the fact that:

myprog a=b c="d e"

looks nicer than

myprog "a=b" "c=d e"

In general, since you are unlikely to have argv[0] containing '=', the
current code treating = as safe is probably okay, but if we DO want to
special case = in argv[0], then we may also want to special case quoting
for any other arguments that resemble name=value to only quote after the
first = if the content before the = resembles a shell name.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org