[Bug 204602] parse() in boot loader interp_parse.c is too naive about quotes

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Mon Nov 16 17:13:35 UTC 2015


            Bug ID: 204602
           Summary: parse() in boot loader interp_parse.c is too naive
                    about quotes
           Product: Base System
           Version: 11.0-CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: tsoome at me.com

Created attachment 163200
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=163200&action=edit
udiff of inter_parse.c

current logic how the quotes (both ' and ") are managed is a bit too relaxed,
allowing wierd constructs like set name="value' also usual single quote
semantics is not possible and, the code does not check if the quoted string
actually has ending quote.

I'm adding here diff for possible update, which implements:

1. distinguishing single and double quote
2. variable expansion will not be done inside single quote protected area
3. will preserve inner quote for values like "value 'some list'"
4. ending quote check.

however, this diff does not implement ending quote order check - it shouldn't
be too hard, needs some improvements on parser state machine.

You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list