From owner-cvs-all  Wed Aug  9  2:21:52 2000
Delivered-To: cvs-all@freebsd.org
Received: from storm.FreeBSD.org.uk (storm.freebsd.org.uk [194.242.139.170])
	by hub.freebsd.org (Postfix) with ESMTP
	id 31C9537B78E; Wed,  9 Aug 2000 02:21:44 -0700 (PDT)
	(envelope-from brian@Awfulhak.org)
Received: from hak.lan.Awfulhak.org (hak.nat.Awfulhak.org [172.31.0.12])
	by storm.FreeBSD.org.uk (8.9.3/8.9.3) with ESMTP id KAA00918;
	Wed, 9 Aug 2000 10:21:42 +0100 (BST)
	(envelope-from brian@Awfulhak.org)
Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1])
	by hak.lan.Awfulhak.org (8.9.3/8.9.3) with ESMTP id JAA00464;
	Wed, 9 Aug 2000 09:18:09 +0100 (BST)
	(envelope-from brian@hak.lan.Awfulhak.org)
Message-Id: <200008090818.JAA00464@hak.lan.Awfulhak.org>
X-Mailer: exmh version 2.1.1 10/15/1999
To: Ben Smithurst <ben@FreeBSD.org>
Cc: Kris Kennaway <kris@FreeBSD.org>,
	Brian Somers <brian@Awfulhak.org>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org, brian@Awfulhak.org
Subject: Re: cvs commit: src/etc rc 
In-Reply-To: Message from Ben Smithurst <ben@FreeBSD.org> 
   of "Wed, 09 Aug 2000 07:11:03 BST." <20000809071103.U65753@strontium.scientia.demon.co.uk> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 09 Aug 2000 09:18:08 +0100
From: Brian Somers <brian@Awfulhak.org>
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> Kris Kennaway wrote:
> 
> > On Tue, 8 Aug 2000, Brian Somers wrote:
> > 
> >> How is it vulnerable to files with spaces ?  I have specifically 
> >> tested this with filenames containing embedded spaces and ^Hs and the 
> >> like.
> > 
> > Oops, I misread the effect of this line:
> > 
> > +                       cd "$dir" && ls | while read file
> > 
> > I assumed the 'read' would just take the next word.
> 
> I think this will still break for filenames which either begin or end
> with a space, or contain a newline.  Why not just use 'for file in .* *;
> do ...; done' which would seem safer?

You're right.  I'm about to commit this change.

There are also some nasties for files with leading `-'s and a disaster
waiting to happen WRT following symlinks...

> -- 
> Ben Smithurst                 / ben@FreeBSD.org / PGP: 0x99392F7D
> FreeBSD Documentation Project /

Cheers.

-- 
Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
      <http://www.Awfulhak.org>                   <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message