Re: Is this exploitable?

2009-05-11 Thread Greg Wooledge
On Mon, May 11, 2009 at 10:35:18AM +1000, Jon Seymour wrote:
> I am trying to parse untrusted strings and represent in a form that would be safe to execute.
printf %q
> cmd=echo
> for a in "$@"
> do
>     cmd="$cmd '${a/\'/''}'"
> done
> echo "$cmd"
> eval "$cmd"
http://mywiki.wooledge.org/BashFAQ/050 - I'm

Re: Is this exploitable?

2009-05-11 Thread Jon Seymour
Yes, I realised that I should have at least used // after I posted, not that that would have been sufficient.
Thanks for the solution.
jon.
On Mon, May 11, 2009 at 10:20 PM, Greg Wooledge wool...@eeg.ccf.org wrote:
> On Mon, May 11, 2009 at 10:35:18AM +1000, Jon Seymour wrote:
> > I am trying to

Is this exploitable?

2009-05-10 Thread Jon Seymour
I am trying to parse untrusted strings and represent in a form that would be safe to execute. So assuming as-echo.sh defined as below for example:
    cmd=echo
    for a in "$@"
    do
        cmd="$cmd '${a/\'/''}'"
    done
    echo "$cmd"
    eval "$cmd"
Then:
    as-echo.sh 'a' '$(foobar)' 'c'
would produce: echo