[CentOS] bash - safely pass untrusted strings?

Les Mikesell lesmikesell at gmail.com
Wed Feb 27 05:16:27 UTC 2008


Garrick Staples wrote:
> On Tue, Feb 26, 2008 at 05:13:12PM -0600, Les Mikesell alleged:
>> Garrick Staples wrote:
>>> On Tue, Feb 26, 2008 at 04:33:30PM -0600, Les Mikesell alleged:
>>>> Does anyone have a quick reference to the order of operations as the 
>>>> shell parses a command line (variable parsing,i/o redirection, wildcard 
>>>> and variable expansion, splitting on IFS, quote removal, command 
>>>> substitution etc.)?  That's really the first thing you need to know 
>>>> about the shell and if there is a simple description it must be buried 
>>>> in the middle of some obscure manual.
>>> This is from the "EXPANSION" section of the bash manpage:
>>>
>>>       The  order  of  expansions  is:  brace expansion, tilde expansion, 
>>>       parameter, variable and arithmetic
>>>       expansion and command substitution (done in a left-to-right 
>>>       fashion), word  splitting,  and  pathname
>>>       expansion.
>> That's one step in the bigger picture.  I want the one that includes 
>> variable assignment, i/o redirection, quote removal, and a few other 
>> operations.  I think I knew that a few decades ago, but now I don't even 
>> know where to look it up.
> 
> That's pretty much the entire process for your basic expression.

Yes, but I'm looking for what happens before and after.  Why does
unset foo
foo=bar >$foo
do something you might expect, but
unset foo
foo=bar echo  $foo >$foo
doesn't?

Or why doesn't
unset foo
foo=bar echo $foo
work like you'd expect while
unset foo
foo=bar some_other_command
will put foo in the environment for the other command?

> Quotes are
> obeyed the entire time, but are actually _removed_ after the expansion.  And
> finally, file descriptors are opened the command is executed.

And how does this relate to ||, && and things on the right hand side of 
|'s in terms of evaluation order and side effects?

> I don't think you can write a simple list because the actual process is too
> complex.  It would really be a tree or flowchart.

I'm sure I saw a simple list of the order of operations for the bourne 
shell years ago with about 6 steps and which are repeated if you add an 
eval to the line.  Bash handles some more complex expressions, but it 
must still do the steps in the same order to be compatible.  You really 
need to know this to do anything even slightly complicated and I'm 
having trouble finding it again.

-- 
   Les Mikesell
     lesmikesell at gmail.com




More information about the CentOS mailing list