GNU bug report logs - #20333
24.3; Add warning about shell quoting to documentation of combine-and-quote-strings

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 20333 in the body.
You can then email your comments to 20333 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Philipp Stephani <p.stephani2 <at> gmail.com>
To: bug-gnu-emacs <at> gnu.org
Subject: 24.3; Add warning about shell quoting to documentation of
 combine-and-quote-strings
Date: Tue, 14 Apr 2015 21:03:18 +0200

Context and more discussion:
http://lists.gnu.org/archive/html/help-gnu-emacs/2015-04/msg00179.html

It would be great if the documentation string and the Elisp manual about
`combine-and-quote-strings' could be made a bit clearer by explicitly
stating that this function is not useful for shell quoting.


In GNU Emacs 24.3.1 (x86_64-pc-linux-gnu, GTK+ Version 3.10.7)
 of 2014-03-07 on lamiak, modified by Debian
Windowing system distributor `The X.Org Foundation', version 11.0.11501000
System Description:	Ubuntu 14.04 LTS

Configured using:
 `configure '--build' 'x86_64-linux-gnu' '--build' 'x86_64-linux-gnu'
 '--prefix=/usr' '--sharedstatedir=/var/lib' '--libexecdir=/usr/lib'
 '--localstatedir=/var/lib' '--infodir=/usr/share/info'
 '--mandir=/usr/share/man' '--with-pop=yes'
 '--enable-locallisppath=/etc/emacs24:/etc/emacs:/usr/local/share/emacs/24.3/site-lisp:/usr/local/share/emacs/site-lisp:/usr/share/emacs/24.3/site-lisp:/usr/share/emacs/site-lisp'
 '--with-crt-dir=/usr/lib/x86_64-linux-gnu' '--with-x=yes'
 '--with-x-toolkit=gtk3' '--with-toolkit-scroll-bars'
 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fstack-protector
 --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall'
 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro'
 'CPPFLAGS=-D_FORTIFY_SOURCE=2''

Important settings:
  value of $LANG: en_US.UTF-8
  locale-coding-system: utf-8-unix
  default enable-multibyte-characters: t

Major mode: Help

Minor modes in effect:
  tooltip-mode: t
  mouse-wheel-mode: t
  tool-bar-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  blink-cursor-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  buffer-read-only: t
  line-number-mode: t
  transient-mark-mode: t

Recent input:
<help-echo> <help-echo> C-h f c o m b i n <tab> n <tab> 
<return> <help-echo> C-h i C-s e l i <return> <return> 
C-s p r o c <return> <return> <down-mouse-5> <mouse-5> 
<double-down-mouse-5> <double-mouse-5> <triple-down-mouse-5> 
<triple-mouse-5> <triple-down-mouse-5> <triple-mouse-5> 
<triple-down-mouse-5> <triple-mouse-5> <down-mouse-4> 
<mouse-4> <double-down-mouse-4> <double-mouse-4> <down-mouse-4> 
<mouse-4> <double-down-mouse-4> <double-mouse-4> <down-mouse-5> 
<mouse-5> <help-echo> <down-mouse-1> <mouse-2> <down-mouse-5> 
<mouse-5> <double-down-mouse-5> <double-mouse-5> <down-mouse-4> 
<mouse-4> <double-down-mouse-4> <double-mouse-4> <down-mouse-5> 
<mouse-5> <double-down-mouse-5> <double-mouse-5> <triple-down-mouse-5> 
<triple-mouse-5> <down-mouse-5> <mouse-5> <help-echo> 
<help-echo> <down-mouse-5> <mouse-5> <down-mouse-5> 
<mouse-5> <down-mouse-4> <mouse-4> <down-mouse-5> <mouse-5> 
<double-down-mouse-5> <double-mouse-5> <down-mouse-5> 
<mouse-5> <double-down-mouse-5> <double-mouse-5> <down-mouse-4> 
<mouse-4> <double-down-mouse-4> <double-mouse-4> <triple-down-mouse-4> 
<triple-mouse-4> <help-echo> <down-mouse-1> <mouse-1> 
M-x r e p o r t <tab> <return>

Recent messages:
For information about GNU Emacs and the GNU system, type C-h C-a.
Type C-x 1 to delete the help window.
Composing main Info directory...done
Mark saved where search started [2 times]
byte-code: End of buffer

Load-path shadows:
None found.

Features:
(shadow sort gnus-util mail-extr emacsbug message format-spec rfc822 mml
mml-sec mm-decode mm-bodies mm-encode mail-parse rfc2231 mailabbrev
gmm-utils mailheader sendmail rfc2047 rfc2045 ietf-drums mm-util
mail-prsvr mail-utils jka-compr misearch multi-isearch info help-mode
easymenu help-fns time-date tooltip ediff-hook vc-hooks lisp-float-type
mwheel x-win x-dnd tool-bar dnd fontset image regexp-opt fringe
tabulated-list newcomment lisp-mode register page menu-bar rfn-eshadow
timer select scroll-bar mouse jit-lock font-lock syntax facemenu
font-core frame cham georgian utf-8-lang misc-lang vietnamese tibetan
thai tai-viet lao korean japanese hebrew greek romanian slovak czech
european ethiopic indian cyrillic chinese case-table epa-hook
jka-cmpr-hook help simple abbrev minibuffer loaddefs button faces
cus-face macroexp files text-properties overlay sha1 md5 base64 format
env code-pages mule custom widget hashtable-print-readable backquote
make-network-process dbusbind dynamic-setting system-font-setting
font-render-setting move-toolbar gtk x-toolkit x multi-tty emacs)

Message #8 received at 20333 <at> debbugs.gnu.org (full text, mbox):

From: npostavs <at> users.sourceforge.net
To: Philipp Stephani <p.stephani2 <at> gmail.com>
Cc: 20333 <at> debbugs.gnu.org
Subject: Re: bug#20333: 24.3;
 Add warning about shell quoting to documentation of
 combine-and-quote-strings
Date: Sun, 03 Jul 2016 10:03:55 -0400

[Message part 1 (text/plain, inline)]

tags 20333 patch
quit

Philipp Stephani <p.stephani2 <at> gmail.com> writes:

> Context and more discussion:
> http://lists.gnu.org/archive/html/help-gnu-emacs/2015-04/msg00179.html
>
> It would be great if the documentation string and the Elisp manual about
> `combine-and-quote-strings' could be made a bit clearer by explicitly
> stating that this function is not useful for shell quoting.

How about this:

[v1-0001-Note-combine-and-quote-strings-doesn-t-shell-quot.patch (text/x-diff, inline)]

From 5a1d23231bcf3c279fd3b09654fb132513748e6c Mon Sep 17 00:00:00 2001
From: Noam Postavsky <npostavs <at> gmail.com>
Date: Sun, 3 Jul 2016 09:56:36 -0400
Subject: [PATCH v1] Note combine-and-quote-strings doesn't shell quote

* doc/lispref/processes.texi (Shell Arguments):
* lisp/subr.el (combine-and-quote-strings): Add a note that
combine-and-quote-strings doesn't protect arguments against shell
evaluation (Bug #20333).
---
 doc/lispref/processes.texi | 5 +++++
 lisp/subr.el               | 5 ++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/doc/lispref/processes.texi b/doc/lispref/processes.texi
index 5bd0b11..b4542f6 100644
--- a/doc/lispref/processes.texi
+++ b/doc/lispref/processes.texi
@@ -215,6 +215,11 @@ Shell Arguments
 string arguments to be passed to @code{call-process} or
 @code{start-process}, or for converting such lists of arguments into
 a single Lisp string to be presented in the minibuffer or echo area.
+Note that if a shell is involved (e.g., if using
+@code{call-process-shell-command}), arguments should still be
+protected by @code{shell-quote-argument};
+@code{combine-and-quote-strings} is @emph{not} intended to protect
+special characters from shell evaluation.
 
 @defun split-string-and-unquote string &optional separators
 This function splits @var{string} into substrings at matches for the
diff --git a/lisp/subr.el b/lisp/subr.el
index ed2166a..e9e19d3 100644
--- a/lisp/subr.el
+++ b/lisp/subr.el
@@ -3706,7 +3706,10 @@ combine-and-quote-strings
   "Concatenate the STRINGS, adding the SEPARATOR (default \" \").
 This tries to quote the strings to avoid ambiguity such that
   (split-string-and-unquote (combine-and-quote-strings strs)) == strs
-Only some SEPARATORs will work properly."
+Only some SEPARATORs will work properly.
+
+Note that this is not intended to protect STRINGS from
+interpretation by shells, use `shell-quote-argument' for that."
   (let* ((sep (or separator " "))
          (re (concat "[\\\"]" "\\|" (regexp-quote sep))))
     (mapconcat
-- 
2.8.0

Message #13 received at 20333 <at> debbugs.gnu.org (full text, mbox):

From: Philipp Stephani <p.stephani2 <at> gmail.com>
To: npostavs <at> users.sourceforge.net
Cc: 20333 <at> debbugs.gnu.org
Subject: Re: bug#20333: 24.3; Add warning about shell quoting to documentation
 of combine-and-quote-strings
Date: Sun, 03 Jul 2016 15:27:58 +0000

[Message part 1 (text/plain, inline)]

<npostavs <at> users.sourceforge.net> schrieb am So., 3. Juli 2016 um 16:03 Uhr:

> tags 20333 patch
> quit
>
> Philipp Stephani <p.stephani2 <at> gmail.com> writes:
>
> > Context and more discussion:
> > http://lists.gnu.org/archive/html/help-gnu-emacs/2015-04/msg00179.html
> >
> > It would be great if the documentation string and the Elisp manual about
> > `combine-and-quote-strings' could be made a bit clearer by explicitly
> > stating that this function is not useful for shell quoting.
>
> How about this:
>
>
Looks good, thanks.

[Message part 2 (text/html, inline)]

Message #16 received at 20333 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: npostavs <at> users.sourceforge.net
Cc: p.stephani2 <at> gmail.com, 20333 <at> debbugs.gnu.org
Subject: Re: bug#20333: 24.3;
 Add warning about shell quoting to documentation of
 combine-and-quote-strings
Date: Sun, 03 Jul 2016 18:34:13 +0300

> From: npostavs <at> users.sourceforge.net
> Date: Sun, 03 Jul 2016 10:03:55 -0400
> Cc: 20333 <at> debbugs.gnu.org
> 
> >From 5a1d23231bcf3c279fd3b09654fb132513748e6c Mon Sep 17 00:00:00 2001
> From: Noam Postavsky <npostavs <at> gmail.com>
> Date: Sun, 3 Jul 2016 09:56:36 -0400
> Subject: [PATCH v1] Note combine-and-quote-strings doesn't shell quote
> 
> * doc/lispref/processes.texi (Shell Arguments):
> * lisp/subr.el (combine-and-quote-strings): Add a note that
> combine-and-quote-strings doesn't protect arguments against shell
> evaluation (Bug #20333).
> ---
>  doc/lispref/processes.texi | 5 +++++
>  lisp/subr.el               | 5 ++++-
>  2 files changed, 9 insertions(+), 1 deletion(-)
> 
> diff --git a/doc/lispref/processes.texi b/doc/lispref/processes.texi
> index 5bd0b11..b4542f6 100644
> --- a/doc/lispref/processes.texi
> +++ b/doc/lispref/processes.texi
> @@ -215,6 +215,11 @@ Shell Arguments
>  string arguments to be passed to @code{call-process} or
>  @code{start-process}, or for converting such lists of arguments into
>  a single Lisp string to be presented in the minibuffer or echo area.
> +Note that if a shell is involved (e.g., if using
> +@code{call-process-shell-command}), arguments should still be
> +protected by @code{shell-quote-argument};
> +@code{combine-and-quote-strings} is @emph{not} intended to protect
> +special characters from shell evaluation.
>  
>  @defun split-string-and-unquote string &optional separators
>  This function splits @var{string} into substrings at matches for the
> diff --git a/lisp/subr.el b/lisp/subr.el
> index ed2166a..e9e19d3 100644
> --- a/lisp/subr.el
> +++ b/lisp/subr.el
> @@ -3706,7 +3706,10 @@ combine-and-quote-strings
>    "Concatenate the STRINGS, adding the SEPARATOR (default \" \").
>  This tries to quote the strings to avoid ambiguity such that
>    (split-string-and-unquote (combine-and-quote-strings strs)) == strs
> -Only some SEPARATORs will work properly."
> +Only some SEPARATORs will work properly.
> +
> +Note that this is not intended to protect STRINGS from
> +interpretation by shells, use `shell-quote-argument' for that."
>    (let* ((sep (or separator " "))
>           (re (concat "[\\\"]" "\\|" (regexp-quote sep))))
>      (mapconcat
> -- 
> 2.8.0

LGTM, thanks.  This is good for emacs-25.

Message #19 received at 20333 <at> debbugs.gnu.org (full text, mbox):

From: npostavs <at> users.sourceforge.net
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: p.stephani2 <at> gmail.com, 20333 <at> debbugs.gnu.org
Subject: Re: bug#20333: 24.3;
 Add warning about shell quoting to documentation of
 combine-and-quote-strings
Date: Sun, 03 Jul 2016 15:08:22 -0400

tags 20333 fixed
close 20333 25.1
quit

Eli Zaretskii <eliz <at> gnu.org> writes:
>
> LGTM, thanks.  This is good for emacs-25.

Pushed as 178b2f59

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.