You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nuttx.apache.org by GitBox <gi...@apache.org> on 2020/06/03 08:10:17 UTC

[GitHub] [incubator-nuttx] xiaoxiang781216 commented on a change in pull request #1183: mkdeps: Quote CFLAGS to be safe with the shell

xiaoxiang781216 commented on a change in pull request #1183:
URL: https://github.com/apache/incubator-nuttx/pull/1183#discussion_r434385052



##########
File path: tools/mkdeps.c
##########
@@ -296,10 +298,75 @@ static void show_usage(const char *progname, const char *msg, int exitcode)
   exit(exitcode);
 }
 
+/****************************************************************************
+ * Name: do_shquote
+ *
+ * Description:
+ *    Escape the given string for use with the shell.
+ *
+ *    The idea was taken from:
+ *    https://netbsd.gw.com/cgi-bin/man-cgi?shquote++NetBSD-current
+ *    However, this implementation doesn't try to elide extraneous quotes.
+ ****************************************************************************/
+
+static const char *do_shquote(const char *argument)
+{
+  const char *src;
+  char *dest;
+  int len;
+
+  src  = argument;
+  dest = g_shquote;
+  len  = 0;
+
+  if (len < sizeof(g_shquote))
+    {
+      *dest++ = '\'';
+      len++;
+    }
+
+  while (*src && len < sizeof(g_shquote))
+    {
+      if (*src == '\'')
+        {
+          /* Expand single quote to '\'' */
+
+          if (len + 4 > sizeof(g_shquote))
+            {
+              break;
+            }
+
+          src++;
+          memcpy(dest, "\'\\\'\'", 4);
+          dest += 4;
+          len += 4;
+        }
+      else
+        {
+          *dest++ = *src++;
+          len++;
+        }
+    }
+
+  if (*src || len + 2 > sizeof(g_shquote))
+    {
+      fprintf(stderr,
+              "ERROR: Truncated during shquote string is too long"
+              "[%lu/%zu]\n", (unsigned long)strlen(argument),

Review comment:
        change to:
   ```
   "[%zu/%zu]\n", strlen(argument), sizeof(g_shquote));
   ```
   to avoid the cast.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org