Add additional escaping stress test
authorNathaniel Wesley Filardo <nwfilardo@gmail.com>
Tue, 27 Dec 2022 02:55:03 +0000 (02:55 +0000)
committerNathaniel Wesley Filardo <nwfilardo@gmail.com>
Tue, 27 Dec 2022 03:09:32 +0000 (03:09 +0000)
Thanks to https://github.com/jwilk/url.sh

test-util.sh

index 90af33a2f4963ca94092d3985557faafc980ce23..c5dacdd61f4971713e00865e522da49775901924 100755 (executable)
@@ -41,6 +41,12 @@ HERE
 HERE
 
 # Test the various shell escapes
+#
+# Full credit to https://github.com/jwilk/url.sh (MIT license) for the
+# example.com URL below.  That's nicely evil.  Note that we have had to escape
+# the dollar signs ourselves in the test input and outputs!  I'm not convinced
+# that the "human" version is doing very well on that example, but it's so
+# pathological that if you have file names like that you deserve what you get.
 ARB=$(echo "a\rb")
 cat >${LOG1} <<HERE
 a      b
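Review bot: The new comment says the dollar signs had to be escaped "ourselves" but never names the mechanism, which is what a later maintainer adding another case needs to know: the here-documents use an unquoted delimiter (`<<HERE`) so that `${ARB}` and `${LUA}` expand, and consequently every literal `$` in both the input and the expected-output blocks must be written `\$`. I would add a line such as `# (the <<HERE delimiters are unquoted so ${ARB} expands; any literal $ must be written \$)` to this comment. The remark that the "human" mode is not doing well on the example would also be easier to act on if it stated what output would be preferred, since the expected line later in this file is byte-identical to the posix one.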
@@ -51,9 +57,10 @@ x'
 ðŸŽ¶"
 Î±
 Î±'
+http://example.com/;'\$(gt=\$(perl\$IFS-E\$IFS's//62/;s/62/chr/e;say');eval\$IFS''cowsay\$IFS''pwned\$IFS\$gt/dev/tty)';cowsay\$IFS''pwned
 HERE
 
-${LUA} ./cdb-util escape posix <${LOG1} | diff -u /dev/fd/3 - 3<<HERE
+${LUA} ./cdb-util escape posix <${LOG1} | diff -au /dev/fd/3 - 3<<HERE
 'a     b'
 'a\$b'
 '${ARB}'
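Review bot: The expected line for the new URL input (and the same line in the next two hunks) is a hand-copied byte-for-byte oracle, so it pins whatever the escaper currently emits rather than showing that the quoting is actually sound; a hand-written expected string for input this pathological is also easy to get subtly wrong. I would add, alongside the diff, a round-trip check that reparses each escaped line in the test's own shell and compares it with the corresponding input line, so the oracle is the input itself, e.g. `eval "set -- $line"; [ "$1" = "$expected" ] || exit 1` over the escaper's output. The switch from `diff -u` to `diff -au` (also in the two following hunks) is unexplained; presumably diff otherwise classifies one side as binary because of the `\r` byte and raw non-UTF-8 bytes, and a short comment saying so, `# -a: force text diff, the input contains control and non-UTF-8 bytes`, would spare the next reader from rediscovering it.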
@@ -62,9 +69,10 @@ ${LUA} ./cdb-util escape posix <${LOG1} | diff -u /dev/fd/3 - 3<<HERE
 '🎶"'
 'α'
 'α'"'"''
+'http://example.com/;'"'"'\$(gt=\$(perl\$IFS-E\$IFS'"'"'s//62/;s/62/chr/e;say'"'"');eval\$IFS'"'"''"'"'cowsay\$IFS'"'"''"'"'pwned\$IFS\$gt/dev/tty)'"'"';cowsay\$IFS'"'"''"'"'pwned'
 HERE
 
-${LUA} ./cdb-util escape extended <${LOG1} | diff -u /dev/fd/3 - 3<<HERE
+${LUA} ./cdb-util escape extended <${LOG1} | diff -au /dev/fd/3 - 3<<HERE
 'a'\$'\\x09''b'
 'a\$b'
 'a'\$'\\x0d''b'
@@ -73,9 +81,10 @@ ${LUA} ./cdb-util escape extended <${LOG1} | diff -u /dev/fd/3 - 3<<HERE
 ''\$'\\xf0'''\$'\\x9f'''\$'\\x8e'''\$'\\xb6''"'
 ''\$'\\xce'''\$'\\xb1'''
 ''\$'\\xce'''\$'\\xb1'''"'"''
+'http://example.com/;'"'"'\$(gt=\$(perl\$IFS-E\$IFS'"'"'s//62/;s/62/chr/e;say'"'"');eval\$IFS'"'"''"'"'cowsay\$IFS'"'"''"'"'pwned\$IFS\$gt/dev/tty)'"'"';cowsay\$IFS'"'"''"'"'pwned'
 HERE
 
-${LUA} ./cdb-util escape human <${LOG1} | diff -u /dev/fd/3 - 3<<HERE
+${LUA} ./cdb-util escape human <${LOG1} | diff -au /dev/fd/3 - 3<<HERE
 'a'$'\\x09''b'
 'a\$b'
 'a'\$'\\x0d''b'
@@ -84,6 +93,7 @@ ${LUA} ./cdb-util escape human <${LOG1} | diff -u /dev/fd/3 - 3<<HERE
 '🎶"'
 'α'
 "α'"
+'http://example.com/;'"'"'\$(gt=\$(perl\$IFS-E\$IFS'"'"'s//62/;s/62/chr/e;say'"'"');eval\$IFS'"'"''"'"'cowsay\$IFS'"'"''"'"'pwned\$IFS\$gt/dev/tty)'"'"';cowsay\$IFS'"'"''"'"'pwned'
 HERE