➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2009-12-14 21:48 by bgertzfield, last changed 2022-04-11 14:56 by admin. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| pipes.diff | georg.brandl, 2010-01-09 23:00 | |||
| Messages (5) | |||
|---|---|---|---|
| msg96405 - (view) | Author: Ben Gertzfield (bgertzfield) | Date: 2009-12-14 21:48 | |
The undocumented (but unit tested!) pipes.quote does not correctly
escape '!', which cannot be passed to the shell outside of single-
quotes:
sh-3.2$ python
Python 2.6.1 (r261:67515, Jul 7 2009, 23:51:51)
[GCC 4.2.1 (Apple Inc. build 5646)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import pipes
>>> pipes.quote("omgshoes!")
'omgshoes!'
sh-3.2$ echo "omgshoes!"
sh: !": event not found
bash-3.2$ echo "omgshoes!"
bash: !": event not found
zsh-4.3.9% echo "omgshoes!"
dquote>
This needs to be single-quoted for safety:
sh-3.2$ echo 'omgshoes!'
omgshoes!
bash-3.2$ echo 'omgshoes!'
omgshoes!
zsh-4.3.9% echo 'omgshoes!'
omgshoes!
|
|||
| msg97454 - (view) | Author: Georg Brandl (georg.brandl) *  |
Date: 2010-01-09 10:25 | |
I'm attaching a patch that changes quote() logic. It also fixes #7476, the empty argument case. Strings with unsafe characters are now always quoted with single quotes. Single quotes themselves are replaced by a single quote in double quotes, so that te$t'quoting becomes 'te$t'"'"'quoting' which I believe is portable across all commonly used shells. (Another implementation would be to just backslash-quote all unsafe chars, but it makes for less readable results.) Assigning to David for review -- you recently claimed to like shells :) |
|||
| msg97476 - (view) | Author: Georg Brandl (georg.brandl) * |
Date: 2010-01-09 23:00 | |
Really adding the patch now. |
|||
| msg97489 - (view) | Author: R. David Murray (r.david.murray) * |
Date: 2010-01-10 01:58 | |
The patch looks good to me, except that one test fails. You seem to have inadvertently deleted the '=' from the safe chars list in the test. We should also add a test for the '' case. And presumably the docs requested in the other ticket... |
|||
| msg104069 - (view) | Author: Georg Brandl (georg.brandl) * |
Date: 2010-04-24 09:08 | |
Fixed in r80433. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:56:55 | admin | set | github: 51756 |
| 2010-04-24 09:08:23 | georg.brandl | set | status: open -> closed assignee: r.david.murray -> georg.brandl resolution: fixed messages: + msg104069 |
| 2010-01-10 01:58:06 | r.david.murray | set | priority: normal stage: test needed messages: + msg97489 versions: + Python 3.1, Python 2.7, Python 3.2 |
| 2010-01-09 23:00:39 | georg.brandl | set | files:
+ pipes.diff keywords: + patch messages: + msg97476 |
| 2010-01-09 10:25:25 | georg.brandl | set | assignee: r.david.murray messages: + msg97454 nosy: + r.david.murray, georg.brandl |
| 2009-12-14 21:48:29 | bgertzfield | create | |