On Saturday 2026-05-30 02:58, Jacob Bachmeyer wrote: > On 5/29/26 17:29, Bruno Haible via Discussion list for automake wrote: >> 'trap' commands in shell scripts present a dilemma: >> >> - If we use double-quotes to delimit the command >> trap "rmdir '$lockdir'; exit 1" 1 2 15 >> we get undefined behaviour if $lockdir contains a single-quote, >> and also some backslashes might be needed here and there, for >> quoting. > > I agree with Jan Engelhardt that evaluating $lockdir when the trap is set is > preferable to evaluating it when the trap is hit, but this means that there is > no way around expanding $lockdir in the argument to trap.
I did not express any preference, I just thought it worth pointing out. There is no good reason to change lockdir between trap setup and trap execution, so either should be safe in principle, and verification that indeed no such modification takes place should be a matter of minutes. :) > I posit that a better solution would be to add a test that our assumptions > hold > to configure and bail out early on in a weird environment that would do things > like putting a single quote into $lockdir. Maybe packages using automake > should > refuse to build in directories with absolute full names containing quote > marks? > > Something like: (in the generated configure) > > case `pwd` in > *[\'\"]*) > echo "ERROR: cannot build reliably in a location named with quote > marks" > exit 1 > ;; > esac There are likely more characters that can create problems down the line, e.g. everything that has a special meaning to make(1), like the space character U+0020 and the backslash itself.
