[Bug 204602] parse() in boot loader interp_parse.c is too naive about quotes
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Nov 16 17:13:35 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204602
Bug ID: 204602
Summary: parse() in boot loader interp_parse.c is too naive
about quotes
Product: Base System
Version: 11.0-CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: tsoome at me.com
Created attachment 163200
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=163200&action=edit
udiff of inter_parse.c
current logic how the quotes (both ' and ") are managed is a bit too relaxed,
allowing wierd constructs like set name="value' also usual single quote
semantics is not possible and, the code does not check if the quoted string
actually has ending quote.
I'm adding here diff for possible update, which implements:
1. distinguishing single and double quote
2. variable expansion will not be done inside single quote protected area
3. will preserve inner quote for values like "value 'some list'"
4. ending quote check.
however, this diff does not implement ending quote order check - it shouldn't
be too hard, needs some improvements on parser state machine.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list