Date: Mon, 16 Nov 2015 17:13:35 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 204602] parse() in boot loader interp_parse.c is too naive about quotes Message-ID: <bug-204602-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204602 Bug ID: 204602 Summary: parse() in boot loader interp_parse.c is too naive about quotes Product: Base System Version: 11.0-CURRENT Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: tsoome@me.com Created attachment 163200 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=163200&action=edit udiff of inter_parse.c current logic how the quotes (both ' and ") are managed is a bit too relaxed, allowing wierd constructs like set name="value' also usual single quote semantics is not possible and, the code does not check if the quoted string actually has ending quote. I'm adding here diff for possible update, which implements: 1. distinguishing single and double quote 2. variable expansion will not be done inside single quote protected area 3. will preserve inner quote for values like "value 'some list'" 4. ending quote check. however, this diff does not implement ending quote order check - it shouldn't be too hard, needs some improvements on parser state machine. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-204602-8>