emacs-orgmode
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] ob-clojure.el: Add support for babashka and nbb backend

From: Max Nikulin
Subject: Re: [PATCH] ob-clojure.el: Add support for babashka and nbb backend
Date: Sun, 14 Nov 2021 23:25:05 +0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.13.0 
On 14/11/2021 22:28, Daniel Kraus wrote:

* lisp/ob-clojure.el: Add support for babashka and nbb backend.
---
+(defun ob-clojure-escape-quotes (str-val)
+  "Escape quotes for STR-VAL."
+  (replace-regexp-in-string "\"" "\\\"" str-val 'FIXEDCASE 'LITERAL))
+
+(defun ob-clojure-eval-with-babashka (bb expanded)
+  "Evaluate EXPANDED code block using BB (babashka or nbb)."
+  (let ((escaped (ob-clojure-escape-quotes expanded)))
+    (shell-command-to-string
+     (concat bb " -e \"" escaped "\""))))
Does not it an open door for security vulnerabilities? Consider a string somewhere in the code: "`echo arbitrary code execution`". Only outer quotes are escaped.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]