From 9db1c230c4b9178b1f9ab41c47f3615c54b42852 Mon Sep 17 00:00:00 2001 From: Jim Meyering Date: Fri, 30 Nov 2007 13:45:38 +0100 Subject: Be extra careful to quote $abs_top_builddir-derived names. * tests/misc/ls-misc (shell_quote): New function. Use it to quote file names derived from $abs_top_builddir, in case it contains shell meta-characters. This is not currently needed, since CuTmpdir detects the fishy name and skips the test. But it's important enough to add the extra protection. Reported by Ralf Wildenhues. --- tests/misc/ls-misc | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'tests/misc') diff --git a/tests/misc/ls-misc b/tests/misc/ls-misc index 520c5031e..1e4f327f9 100755 --- a/tests/misc/ls-misc +++ b/tests/misc/ls-misc @@ -35,9 +35,24 @@ use strict; # Turn off localisation of executable's ouput. @ENV{qw(LANGUAGE LANG LC_ALL)} = ('C') x 3; +# If the string $S is a well-behaved file name, simply return it. +# If it contains white space, quotes, etc., quote it, and return the new string. +sub shell_quote($) +{ + my ($s) = @_; + if ($s =~ m![^\w+/.,-]!) + { + # Convert each single quote to '\'' + $s =~ s/\'/\'\\\'\'/g; + # Then single quote the string. + $s = "'$s'"; + } + return $s; +} + # Set up files used by the setuid-etc tests; skip this entire test if # that cannot be done. -my $test = "$ENV{abs_top_builddir}/src/test"; +my $test = shell_quote "$ENV{abs_top_builddir}/src/test"; system (qq(touch setuid && chmod u+s setuid && $test -u setuid && touch setgid && chmod g+s setgid && $test -g setgid && mkdir sticky && chmod +t sticky && $test -k sticky && -- cgit v1.2.3-70-g09d2