diff options
| author | David Kalnischkies <david@kalnischkies.de> | 2017-03-19 13:53:33 +0100 |
|---|---|---|
| committer | Julian Andres Klode <jak@debian.org> | 2017-04-25 20:59:44 +0200 |
| commit | b82326419c42b22f686495d9d80285b8d2526f96 (patch) | |
| tree | d448bd8cd92800f52eeae70213665be2ffaca8c0 | |
| parent | f2d33afaffb3cc76d96a8ac6bbc5bcb765103e29 (diff) | |
Fix and avoid quoting in CommandLine::AsString
In the intended usecase where this serves as a hack there is no problem
with double/single quotes being present as we write it to a log file
only, but nowadays our calling of apt-key produces a temporary config
file containing this "setting" as well and suddently quoting is
important as the config file syntax is allergic to it.
So the fix is to ignore all quoting whatsoever in the input and just
quote (with singles) the option values with spaces. That gives us 99% of
the time the correct result and the 1% where the quote is an integral
element of the option … doesn't exist – or has bigger problems than a
log file not containing the quote. Same goes for newlines in values.
LP: #1672710
(cherry picked from commit 2ce15bdeac6ee93faefd4b42b57f035bef80c567)
(cherry picked from commit c75620dcfa749f8030e0180df44eec746402885d)
| -rw-r--r-- | apt-pkg/contrib/cmndline.cc | 14 | ||||
| -rw-r--r-- | test/libapt/commandline_test.cc | 10 |
2 files changed, 19 insertions, 5 deletions
diff --git a/apt-pkg/contrib/cmndline.cc b/apt-pkg/contrib/cmndline.cc index c8a6e2787..029ec3060 100644 --- a/apt-pkg/contrib/cmndline.cc +++ b/apt-pkg/contrib/cmndline.cc @@ -402,21 +402,27 @@ void CommandLine::SaveInConfig(unsigned int const &argc, char const * const * co bool closeQuote = false; for (unsigned int i = 0; i < argc && length < sizeof(cmdline); ++i, ++length) { - for (unsigned int j = 0; argv[i][j] != '\0' && length < sizeof(cmdline)-1; ++j, ++length) + for (unsigned int j = 0; argv[i][j] != '\0' && length < sizeof(cmdline)-2; ++j) { - cmdline[length] = argv[i][j]; + // we can't really sensibly deal with quoting so skip it + if (strchr("\"\'\r\n", argv[i][j]) != nullptr) + continue; + cmdline[length++] = argv[i][j]; if (lastWasOption == true && argv[i][j] == '=') { // That is possibly an option: Quote it if it includes spaces, // the benefit is that this will eliminate also most false positives const char* c = strchr(&argv[i][j+1], ' '); if (c == NULL) continue; - cmdline[++length] = '"'; + cmdline[length++] = '\''; closeQuote = true; } } if (closeQuote == true) - cmdline[length++] = '"'; + { + cmdline[length++] = '\''; + closeQuote = false; + } // Problem: detects also --hello if (cmdline[length-1] == 'o') lastWasOption = true; diff --git a/test/libapt/commandline_test.cc b/test/libapt/commandline_test.cc index 7783c47a4..a4019fc93 100644 --- a/test/libapt/commandline_test.cc +++ b/test/libapt/commandline_test.cc @@ -28,8 +28,16 @@ TEST(CommandLineTest,SaveInConfig) "apt-get", "install", "-sf"); APT_EXPECT_CMD("apt-cache -s apt -so Debug::test=Test", "apt-cache", "-s", "apt", "-so", "Debug::test=Test"); - APT_EXPECT_CMD("apt-cache -s apt -so Debug::test=\"Das ist ein Test\"", + APT_EXPECT_CMD("apt-cache -s apt -so Debug::test='Das ist ein Test'", "apt-cache", "-s", "apt", "-so", "Debug::test=Das ist ein Test"); + APT_EXPECT_CMD("apt-cache -s apt -so Debug::test='Das ist ein Test'", + "apt-cache", "-s", "apt", "-so", "Debug::test=\"Das ist ein Test\""); + APT_EXPECT_CMD("apt-cache -s apt -so Debug::test='Das ist ein Test' foo", + "apt-cache", "-s", "apt", "-so", "\"Debug::test=Das ist ein Test\"", "foo"); + APT_EXPECT_CMD("apt-cache -s apt -so Debug::test='Das ist ein Test' foo", + "apt-cache", "-s", "apt", "-so", "\'Debug::test=Das ist ein Test\'", "foo"); + APT_EXPECT_CMD("apt-cache -s apt -so Debug::test='That is crazy!' foo", + "apt-cache", "-s", "apt", "-so", "\'Debug::test=That \ris\n crazy!\'", "foo"); APT_EXPECT_CMD("apt-cache -s apt --hallo test=1.0", "apt-cache", "-s", "apt", "--hallo", "test=1.0"); #undef APT_EXPECT_CMD |