%q with truncating size loses safeness of %q
From: Sam Liddicott
Subject: %q with truncating size loses safeness of %q
Date: Fri, 17 Apr 2020 15:22:16 +0100
Configuration Information [Automatically generated, do not change]:
Machine: x86_64
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS: -DPROGRAM='bash' -DCONF_HOSTTYPE='x86_64'
-DCONF_OSTYPE='linux-gnu' -DCONF_MACHTYPE='x86_64-pc-linux-gnu'
-DCONF_VENDOR='pc' -DLOCALEDIR='/usr/share/locale' -DPACKAGE='bash'
-DSHELL -DHAVE_CONFIG_H -I. -I../. -I.././include -I.././lib
-Wdate-time -D_FORTIFY_SOURCE=2 -g -O2
-fdebug-prefix-map=/build/bash-N2nMjo/bash-4.4.18=.
-fstack-protector-strong -Wformat -Werror=format-security -Wall
-Wno-parentheses -Wno-format-security
uname output: Linux sojojojo 5.3.0-46-generic #38~18.04.1-Ubuntu SMP
Tue Mar 31 04:17:56 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
Machine Type: x86_64-pc-linux-gnu
Bash Version: 4.4
Patch Level: 20
Release Status: release
Also occurs on 5.0.7(1)-release
Description:
printf %q with a truncating size will emit a partially escaped
sequence, thus losing the safety and composability that %q
is intended to provide.
Repeat-By:
$ printf 'echo %.2q%q\n' "a'b" ';ls'
echo a\\;ls
The semi-colon is no longer escaped; the expectation of
the %q formatter is lost.
Fix:
If it is the escape sequence that is to be limited in size,
then it should avoid emitting a partial sequence.
If the product of the sequence is to be limited in size, then
the truncating size quantifier should apply to the input, so
that it will emit output which will produce a value of the
specified length.
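
Added example, not part of the original report and not bash's own code: a workaround that truncates the raw value before quoting, shown beside the pattern from the report, plus a non-executing check that flags a quoted word cut mid-escape. The function names are hypothetical; the sample values are the ones from Repeat-By.

```shell
#!/usr/bin/env bash
# printf %q is a bash feature; re-run under bash if started by another sh.
[ -n "${BASH_VERSION:-}" ] || exec bash "$0" "$@"

# Pattern from the report: the precision cuts the quoted text, so the
# escape sequence \' is split and a lone backslash is left behind.
build_unsafe() {   # usage: build_unsafe N VALUE NEXT
    printf 'echo %.*q%q\n' "$1" "$2" "$3"
}

# Workaround: cut the raw value to N characters, then quote all of it.
build_safe() {     # usage: build_safe N VALUE NEXT
    local n=$1 value=$2 next=$3
    printf 'echo %q%q\n' "${value:0:n}" "$next"
}

# Non-executing check for one quoted word: an odd number of trailing
# backslashes means the last escape was cut. (Covers backslash-style
# output only, not the $'...' form bash uses for control characters.)
has_dangling_escape() {
    local word=$1 trail
    trail=${word##*[!\\]}          # trailing run of backslashes
    (( ${#trail} % 2 == 1 ))
}

# Sample input: the values from the report's Repeat-By section.
value="a'b"
next=';ls'
build_unsafe 2 "$value" "$next"    # semicolon ends up unescaped
build_safe   2 "$value" "$next"    # every character stays quoted

truncated=$(printf '%.2q' "$value")
if has_dangling_escape "$truncated"; then
    printf 'truncated %%q output %s ends mid-escape\n' "$truncated" >&2
fi
```

bash 5.2 and later also offer the %Q specifier, which applies the precision to the argument before quoting it.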