From: Jilles Tjoelker <jilles@stack.nl>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: harald@redhat.com, dash@vger.kernel.org
Subject: Re: [PATCH] var.c: check for valid variable name before printing in "export -p"
Date: Sat, 25 Feb 2012 15:30:04 +0100 [thread overview]
Message-ID: <20120225143004.GA8575@stack.nl> (raw)
In-Reply-To: <20120225073636.GA19041@gondor.apana.org.au>
On Sat, Feb 25, 2012 at 06:36:36PM +1100, Herbert Xu wrote:
> On Tue, Feb 14, 2012 at 10:48:48AM +0000, harald@redhat.com wrote:
> > From: Harald Hoyer <harald@redhat.com>
> > "export -p" prints all environment variables, without checking if the
> > environment variable is a valid dash variable name.
> > IMHO, the only valid usecase for "export -p" is to eval the output.
> Thanks a lot for the report and patch.
> I'd prefer to fix this up at entry into the shell rather than
> when we print out the variables. So how about this patch?
Such a change would change other things than just "set" and "export -p".
It would also not propagate environment variables with invalid names to
child processes. For example:
env -i not-a-name=1 PATH="$PATH" dash -c env | grep not-a-name
Most shells pass the environment variable through, such as bash, zsh,
ksh93 and most ash derivatives. However, the original Bourne shell and
pdksh/mksh do not.
I think it is best to pass them through so that executing a utility with
and without the shell are as similar as possible (most versions of
make(1) assume this is the case by skipping the shell if the command is
simple enough) and particularly for dash for historical/compatibility
reasons.
I did something similar to the OP's patch in FreeBSD (SVN r223183):
"set" and "export -p" skip variables with invalid names.
Note that this problem cannot occur with "readonly -p" because only
variables with a proper name can be marked read-only.
--
Jilles Tjoelker
next prev parent reply other threads:[~2012-02-25 14:40 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-02-14 10:48 [PATCH] var.c: check for valid variable name before printing in "export -p" harald
2012-02-25 7:36 ` Herbert Xu
2012-02-25 14:30 ` Jilles Tjoelker [this message]
2012-02-25 14:31 ` Herbert Xu
2012-02-25 14:53 ` Eric Blake
2012-02-25 14:54 ` Herbert Xu
2012-02-25 15:09 ` Jilles Tjoelker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120225143004.GA8575@stack.nl \
--to=jilles@stack.nl \
--cc=dash@vger.kernel.org \
--cc=harald@redhat.com \
--cc=herbert@gondor.apana.org.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox