(Sorry if my mail client messes up with the quoting. I use the mobile web version of Gmail.)
Steffen Nurpmeso <[email protected]> 於 2024年7月4日 星期四寫道: > |Kang-Che Sung wrote in > | > |Just FYI, there is a portable alternative to the $'' (dollar-single-quote) > |of passing special characters in the shell. It's $(printf '...') with > |command substitution. > > You mean the %q format? That is not standardized. > > %q ARGUMENT is printed in a format that can be reused as shell in- > put, escaping non-printable characters with the proposed POSIX > $'' syntax. > > Just like bash(1)s ${parameter@operator}: > > Q The expansion is a string that is the value of parameter > quoted in a format that can be reused as input. I am not expecting any quoted and shell-escaped filename output may be reused as input. Such quoting and escaping may be useful in filtering well-known problematic characters (shell meta-characters, quotation marks, etc.), but would never be complete in mitigating all possible attacks with the Unicode characters. That's why I mentioned two use cases, and made them distinct. You can't win both. > Well one could look for isatty(3) for example. > Things are easier if you also know you are in a Unicode-aware > environment, then you can simply add U+2400 aka do > > if(!iswprint(wc) && wc != '\n' /*&& wc != '\r' && wc != '\b'*/ && > wc != '\t'){ > if ((wc & ~S(wchar_t,037)) == 0) > wc = isuni ? 0x2400 | wc : '?'; > else if(wc == 0177) > wc = isuni ? 0x2421 : '?'; > else > wc = isuni ? 0x2426 : '?'; > > but in other cases have to be aware of L-TO-R and R-TO-R marks, > zero width and non-characters, ie most brutal (where isuni tells > us that the character set aka wchar_t is real Unicode). > > }else if(isuni){ /* TODO ctext */ > /* Need to filter out L-TO-R and R-TO-R marks TODO ctext */ > if(wc == 0x200E || wc == 0x200F || (wc >= 0x202A && wc <= 0x202E)) > continue; > /* And some zero-width messes */ > if(wc == 0x00AD || (wc >= 0x200B && wc <= 0x200D)) > continue; > /* Oh about the ISO C wide character interfaces, baby! */ > if(wc == 0xFEFF) > continue; > } This was the second use case I mentioned. That is, `--quoting-style=whatever`. We can make this the default when `stdout` is a terminal, and I believe GNU utilities already did this.
_______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
