[
https://issues.apache.org/jira/browse/EXEC-93?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14934815#comment-14934815
]
Viktor Sadovnikov commented on EXEC-93:
---------------------------------------
Sebb, thank you very much for reviewing the patch. I see your point. Indeed it
was written and tested only on Linux.
After creation of the patch I also noticed needless quoting and took it out.
However the code still remains Linux specific
About the needs for quoting in apps, our application manages application
servers, configures them based on other applications' needs. So it creates
shell scripts, which can be used by operators manually. This is where I
encounter a need for quoting.
{code:java}
private static final String SINGLE_QUOTE = "\'";
private static final String DOUBLE_QUOTE = "\"";
private static final String ESCAPED_SINGLE_QUOTE = "'\"'\"'";
private static final String ESCAPED_DOUBLE_QUOTE = "\\\"";
private static final String ESCAPED_SINGLE_QUOTE_REGEX =
ESCAPED_SINGLE_QUOTE;
private static final String ESCAPED_DOUBLE_QUOTE_REGEX = "\\\\\"";
public static String quoteArgument(final String argument) {
String cleanedArgument = removeOuterQuotes( argument, true );
String noEscapesArgument = cleanedArgument.replaceAll(
ESCAPED_SINGLE_QUOTE_REGEX, "").replaceAll( ESCAPED_DOUBLE_QUOTE_REGEX, "");
final StringBuilder buf = new StringBuilder();
if (noEscapesArgument.contains(DOUBLE_QUOTE)) {
if (noEscapesArgument.contains(SINGLE_QUOTE)) {
throw new IllegalArgumentException(
"Can't handle single and double quotes in same
argument");
}
return buf.append(SINGLE_QUOTE).append(cleanedArgument).append(
SINGLE_QUOTE).toString();
} else if (noEscapesArgument.contains(SINGLE_QUOTE)
|| noEscapesArgument.contains(" ")) {
return buf.append(DOUBLE_QUOTE).append(cleanedArgument).append(
DOUBLE_QUOTE).toString();
} else {
return cleanedArgument;
}
}
private static String removeOuterQuotes( String argument, boolean trim ) {
String cleanedArgument = (trim) ? argument.trim() : argument;
if (cleanedArgument.startsWith(SINGLE_QUOTE) &&
cleanedArgument.endsWith(SINGLE_QUOTE)) {
return removeOuterQuotes(cleanedArgument.substring(1,
cleanedArgument.length() - 1), false);
}
if (cleanedArgument.startsWith(DOUBLE_QUOTE) &&
cleanedArgument.endsWith(DOUBLE_QUOTE)) {
return removeOuterQuotes(cleanedArgument.substring(1,
cleanedArgument.length() - 1), false);
}
return cleanedArgument;
}
{code}
> Handling of escaped values by StringUtils
> -----------------------------------------
>
> Key: EXEC-93
> URL: https://issues.apache.org/jira/browse/EXEC-93
> Project: Commons Exec
> Issue Type: Bug
> Affects Versions: 1.3, 1.4
> Reporter: Viktor Sadovnikov
> Fix For: 1.4
>
> Attachments: EXEC-93.patch
>
>
> An arguments can contain an environment variable value. For example, in
> command {{cd /tmp && STORAGE_DIR=/tmp resolve.sh}} {{STORAGE_DIR=/tmp}} is an
> argument, which is used by {{resolve.sh}}.
> However values of the variables can be more complicated and can contain
> escaped quotes. Current implementation of
> {{StringUtils#quoteArgument(String)}} does not handle these values correctly.
> Attached patch contains fix for this problem and unit tests to demonstrate
> the problem and the fix
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
