[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] emacs-26 2dd273b 2/2: Mention that shell quoting of % on w
From: |
Noam Postavsky |
Subject: |
[Emacs-diffs] emacs-26 2dd273b 2/2: Mention that shell quoting of % on w32 may fail (Bug#19350) |
Date: |
Thu, 8 Feb 2018 19:14:15 -0500 (EST) |
branch: emacs-26
commit 2dd273b9853189f2105426cffa723ced7f329fb4
Author: Noam Postavsky <address@hidden>
Commit: Noam Postavsky <address@hidden>
Mention that shell quoting of % on w32 may fail (Bug#19350)
* doc/lispref/os.texi (Security Considerations): Mention that quoting
of '%' assumes no '^' in variable names.
* test/lisp/subr-tests.el (shell-quote-argument-%-on-w32): New test,
demonstrating what doesn't work.
---
doc/lispref/os.texi | 4 +++-
test/lisp/subr-tests.el | 17 +++++++++++++++++
2 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/doc/lispref/os.texi b/doc/lispref/os.texi
index 9352a92..42be604 100644
--- a/doc/lispref/os.texi
+++ b/doc/lispref/os.texi
@@ -3042,7 +3042,9 @@ with @samp{-}, or might contain shell metacharacters like
@samp{;}.
Although functions like @code{shell-quote-argument} can help avoid
this sort of problem, they are not panaceas; for example, on a POSIX
platform @code{shell-quote-argument} quotes shell metacharacters but
-not leading @samp{-}. @xref{Shell Arguments}. Typically it is safer
+not leading @samp{-}. On MS-Windows, quoting for @samp{%} assumes
+none of the environment variables have @samp{^} in their name.
address@hidden Arguments}. Typically it is safer
to use @code{call-process} than a subshell. @xref{Synchronous
Processes}. And it is safer yet to use builtin Emacs functions; for
example, use @code{(rename-file "@var{a}" "@var{b}" t)} instead of
diff --git a/test/lisp/subr-tests.el b/test/lisp/subr-tests.el
index efafdcf..430d719 100644
--- a/test/lisp/subr-tests.el
+++ b/test/lisp/subr-tests.el
@@ -307,5 +307,22 @@ cf. Bug#25477."
(should (eq (string-to-char (symbol-name (gensym))) ?g))
(should (eq (string-to-char (symbol-name (gensym "X"))) ?X)))
+(ert-deftest shell-quote-argument-%-on-w32 ()
+ "Quoting of `%' in w32 shells isn't perfect.
+See https://debbugs.gnu.org/cgi/bugreport.cgi?bug=19350."
+ :expected-result :failed
+ (skip-unless (and (fboundp 'w32-shell-dos-semantics)
+ (w32-shell-dos-semantics)))
+ (let ((process-environment (append '("ca^=with-caret"
+ "ca=without-caret")
+ process-environment)))
+ ;; It actually results in
+ ;; without-caret with-caret
+ (should (equal (shell-command-to-string
+ (format "echo %s %s"
+ "%ca%"
+ (shell-quote-argument "%ca%")))
+ "without-caret %ca%"))))
+
(provide 'subr-tests)
;;; subr-tests.el ends here