Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

\sys_get_shell:nnNTF produces unhandled errors when the shell command is not allowed #1339

Closed
Witiko opened this issue Nov 15, 2023 · 2 comments
Closed

\sys_get_shell:nnNTF produces unhandled errors when the shell command is not allowed #1339

Witiko opened this issue Nov 15, 2023 · 2 comments

Comments

@Witiko
Copy link
Contributor

Witiko commented Nov 15, 2023
edited
Loading

The documentation of the conditional function \sys_get_shell:nnNTF says:

The \sys_get_shell:nnNTF conditional inserts the ⟨true code⟩ if the shell is available and no quote is detected, and the ⟨false code⟩ otherwise.

Here is how I understand this description: The conditional function \sys_get_shell:nnNTF enters the true branch when the shell access is restricted or unrestricted, the shell command contains no ASCII quote characters, and the TeX engine made an actual attempt to execute the shell command (regardless of the exit code).

However, as shown by the following example document example.tex, the conditional function \sys_get_shell:nnNTF does not seem to handle the last case, where TeX did not make an attempt to execute the shell command, because the shell access was restricted:

\input expl3-generic
\ExplSyntaxOn
\sys_get_shell:nnNTF { echo~1 + 2 | bc~-l } { } \l_tmpa_tl { $1 + 2 = \l_tmpa_tl$ } { Failure }
\bye

Running pdftex example.tex produces the following output:

This is pdfTeX, Version 3.141592653-2.6-1.40.25 (TeX Live 2023) (preloaded format=pdftex)
 restricted \write18 enabled.
entering extended mode
(./example.tex
(/usr/local/texlive/2023/texmf-dist/tex/latex/l3kernel/expl3-generic.tex
(/usr/local/texlive/2023/texmf-dist/tex/latex/l3kernel/expl3-code.tex)
(/usr/local/texlive/2023/texmf-dist/tex/latex/l3backend/l3backend-pdftex.def))
runpopen command not allowed: echo1+2

! I can't find file `"|echo 1+2|bc -l"'.
<to be read again> 
                   \scan_stop: 
l.3 ...t_shell:nnNTF { echo~1 + 2 | bc~-l } { } \l_tmpa_tl
                                                   { $1 + 2 = \l_tmpa_tl$ } ...

(Press Enter to retry, or Control-D to exit)
Please type another input file name:

I would expect either a document with the text Failure to be produced or a sentence in the documentation of the conditional function \sys_get_shell:nnNTF that clarifies that the consitional function does not handle cases, where shell access is restricted and the shell command is not allowed, and that in such cases, the TeX engine will produce unhandled errors.
@Witiko Witiko mentioned this issue Nov 15, 2023
Closed
@josephwright
Copy link
Member

I'm not sure what we can do here: the shell is available, but we can't tell from the TeX side what will be allowed by restricted shell escape.

@Witiko
Copy link
Contributor Author

Witiko commented Nov 15, 2023

It may be useful to highlight this in the documentation.

josephwright added a commit that referenced this issue Nov 16, 2023
@josephwright
Add details on resrcited escape and fobidden commands
d4d4d70 
See #1339.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Witiko @josephwright