[mythtv-commits] Ticket #10677: Safely escape shell arguments
MythTV
noreply at mythtv.org
Tue May 1 06:07:49 UTC 2012
#10677: Safely escape shell arguments
------------------------------+-----------------------------
Reporter: github@… | Owner:
Type: Patch - Bug Fix | Status: new
Priority: minor | Milestone:
Component: MythTV - General | Version: Master Head
Severity: medium | Resolution:
Keywords: | Ticket locked: 0
------------------------------+-----------------------------
Comment (by github@…):
This patch obviously doesn't require anyone to use newlines or pipes in
their filenames. :) It also doesn't contain special code for those
characters. I was just making the point that it handles all
metacharacters.
The simplicity of this implementation should make it safer, because it is
easier to audit. The existing !ShellEscape function is 13 lines instead of
the 1 I submitted. The existing function handles a file named "Takin'" but
not one named "Sweet Talkin'". The inconsistency of the existing way just
looked unattractive to me.
--
Ticket URL: <http://code.mythtv.org/trac/ticket/10677#comment:2>
MythTV <http://code.mythtv.org/trac>
MythTV Media Center
More information about the mythtv-commits
mailing list