On Thu, Nov 09, 2023 at 08:09:23PM +0100, Steffen Nurpmeso wrote: > j() { > local j= a=${AWK:-awk} > [ $# -gt 0 ] && j='&& $2 !~ /(^| )('$(echo "$@" | tr ' ' '|')')( |$)/' > j=$(jobs -l | $a -F '[][]' '/^[[]/'"$j"'{print "%" $2}{next}') > echo $j > }
Classic code injection vulnerability. What are we even parsing? Start with the input: unicorn:~$ sleep 5 & [1] 849028 unicorn:~$ jobs -l [1]+ 849028 Running sleep 5 & OK, so you wanted to strip the "1" from "[1]" and turn that into "%1", yes? That shouldn't be terribly hard in pure bash. re='^\[([0-9]+)\]' jobspecs=() while IFS= read -r line; do if [[ $line =~ $re ]]; then jobspecs+=( "%${BASH_REMATCH[1]}" ) fi done < <(jobs -l) Wrap that in a function with local declarations, etc.