Commit
formats/command: escape also chunks with arbitrary "metacharacters"
...unless that chunk consists merely of them. This is apparently prone to both false positives and negatives (in the context of use), but at least fixes more serious issues with these magic characters demonstrating their power when missing the quotation (or escaping, which we are not resorting to so far, as it would be another complexity for already convoluted handling).

For instance, value of an instance attribute for a resource within CIB can read "fish&chips" (in XML: fish&amp;chips), which when proceeded with cib2pcscmd command, would previously result in something like:

    pcs -f tmp-cib.xml \
      resource create res ocf:heartbeat:agent par=fish&chips

which, when actually executed in the shell environment, would only run "pcs -f tmp-cib.xml resource create res ocf:heartbeat:agent par=fish" that would be subsequently backgrounded only to likewise unintentionally (and possibly even harmfully) continue execution with "chips" (and likely failing).

Now, it will cause no harm thanks to quoting properly:

    pcs -f tmp-cib.xml \
      resource create res ocf:heartbeat:agent 'ipd=fish&chips'

* * *

For the paranoids, there's a universally applicable workaround boiling down to disabling the cmd-wrap filter, which is actually responsible for the bells-and-whistles prettified output that only aims to add value for the humans, for instance:

    clufter cib2pcscmd --noop=cmd-wrap mycib.xml

But technically the raw output should be (unless a corner case like above is hit) identical, carrying unwrapped lines with over-enquoted chunks where the necessity to do so is a priori assumed (better to stay safe) -- actually one example of value added with cmd-wrap post-processing is getting rid of extraneous quoting :-)

Note that "cmd-wrap" is also an eponymous command on its own, which is apparently also affected, but for which it doesn't make sense to apply that workaround (disabling the only filter enqueued) as opposed to avoiding that command altogether for anything critical...

* * *

The change, in turn, required input/output redirection used conditionally when a whole-stack-config-to-pcs-commands clufter's command was about to emit "pcs cluster auth" to use "<> /dev/tty" rather than "<>/dev/tty" because the latter would end up being undesirably enquoted with the newly introduced rule in place (fortunately, pcs uses switches and "X=Y" syntax most of the time).

Also add a new test to have at least '&' case covered in the future.

Thanks to Madkiss (seconded by Lars Ellenberg) at freenode/#clusterlabs for pointing this issue out.

Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
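The quoting rule described in the commit message above, sketched as an added example (not clufter's own code and not part of the commit). The names `METACHARS`, `quote_chunk`, `render` and `shell_tokens` are hypothetical, the metacharacter set is an assumption, and the sample chunks are constructed from the commands quoted in the message.

```python
import shlex

# Assumption of this example: the shell operator characters (bash's
# "metacharacters" minus whitespace); clufter's actual set may differ.
METACHARS = frozenset("|&;()<>")

def quote_chunk(chunk):
    """Quote a chunk that mixes metacharacters with other text.

    A chunk made up solely of metacharacters ("<>", "&&") is treated as an
    intended shell operator and passed through untouched.
    """
    has_meta = any(c in METACHARS for c in chunk)
    only_meta = all(c in METACHARS for c in chunk)
    if has_meta and not only_meta:
        # POSIX idiom: an embedded ' becomes '\'' (close, escaped quote, reopen)
        return "'" + chunk.replace("'", "'\\''") + "'"
    return chunk

def render(chunks):
    """Join chunks into one command line (hypothetical helper)."""
    return " ".join(quote_chunk(c) for c in chunks)

def shell_tokens(line):
    """Approximate shell word splitting, with operators as separate tokens."""
    lexer = shlex.shlex(line, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)

# Constructed sample mirroring the commit message's resource attribute
CREATE = ["pcs", "-f", "tmp-cib.xml", "resource", "create", "res",
          "ocf:heartbeat:agent", "par=fish&chips"]

if __name__ == "__main__":
    naive = " ".join(CREATE)
    print(shell_tokens(naive)[-3:])            # value split around a bare '&'
    print(render(CREATE))
    print(shell_tokens(render(CREATE)) == CREATE)
    # The redirection side effect: glued form gets quoted, spaced form does not
    print(render(["pcs", "cluster", "auth", "<>/dev/tty"]))
    print(render(["pcs", "cluster", "auth", "<>", "/dev/tty"]))
```

A generated line is safe to hand to a shell only if tokenizing it gives back exactly the chunks that went in, which is the round-trip check a regression test for the '&' case can assert.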