python - Bash: Tokenize string using shell rules without eval'ing it? -


i'm writing wrapper script. original program's arguments in separate file, args. script needs split contents of args using shell parameter rules , run program. partial solution (set + eval) offered in splitting string tokens according shell parameter rules without eval:

#!/usr/bin/env bash stdout="$1" stderr="$2" ( set -f ; eval "set -- $(cat args)"; exec run_in_container "$@" >"$stdout" 2>"$stderr" )

but in case args user-generated. 1 can imagine

  • args: echo "hello, 'world'! $(rm -rf /)" (not cool, harmless: commands run in e.g. docker container)
  • args: bash -c "$java_home/<...> > <...> && <...>" (harmful: $java_home intended container's value of environment variable java_home, substituted earlier, when eval'ing command in wrapper script's subshell.)

i tried python, , works:

#!/usr/bin/env python import shlex, subprocess, sys  open('args', 'r') argsfile:     args = argsfile.read()  open(sys.argv[1], 'w') outfile, open(sys.argv[2], 'w') errfile:     exit(subprocess.call(["run_in_container"] + shlex.split(args), stdout=outfile, stderr=errfile))

is there way shlex in bash: tokenize string using shell parameter rules, don't substitute variables' values, don't execute $(...) etc.?


Comments

Post a Comment

Popular posts from this blog

Redirect to a HTTPS version using .htaccess -

i need modify .htaccess file redirect urls https version without "www". http://example.com --> https://example.com http://www.example.com --> https://example.com https://www.example.com --> https://example.com this how .htaccess file looks like: rewriteengine on rewritecond %{request_filename} !-d rewritecond %{request_filename} !-f rewriterule ^(.*)$ redirect.php?id=$1&page=$2 [qsa,l] what modifications need make .htaccess in order forward https without "www"? it depends on doing current code. looks file called redirect trying display php page seo friendly url. think might confusing people. anyway, need , force https without www, need 1 more rule above. also second rule needs two capture groups in rewriterule test string because wanting 2 different values using $1 , $2 references. rewriteengine on #rediect www non www and/or http https --- combinations. rewritecond %{http_host} !^example\.com [nc,or] rewritecond %{https} !^...
Read more

Unlimited choices in BASH case statement -

consider simple bash snippet: case $option in 1) image=${options[0]%.tar} ;; 2) image=${options[1]%.tar} ;; 3) image=${options[2]%.tar} ;; 4) image=${options[3]%.tar} ;; *) echo "invalid option" exit 1 esac in real script numbers goes 30. makes pretty long. can somehow specify cases variable? something this: case $option in $i) image=${options[$(($i-1))]%.tar} any pointer appreciated. you can match against multiple patterns in single clause: case $option in 1|2|3: echo "$option one, 2 or three" ;; esac if still typing you, can use simple pattern matching: case $option in # following matches # - single-digit numbers 0-9 # - two-digit numbers starting either 1 or 2 # - number 30 [0-9]|[12][0-9]|30) image=${options[$(($option-1))]%.tar} ;; *) echo "invalid option" 1>&2 exit 1 esac
Read more

javascript - jQuery: Add class depending on URL in the best way -

i have html progress meter: <div class="col-md-3" style="margin-left: -20px;"> <div class="progress-pos active" id="progess-1"> <div class="progress-pos-inner"> login </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-2"> <div class="progress-pos-inner"> scan items </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-3"> <div class="progress-pos-inner"> confirm address </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-4"> <div class="progress-pos-in...
Read more