Timeline for answer to Find exec sh: Shell variable not getting passed to subshell by Philippe
Current License: CC BY-SA 4.0
Post Revisions
12 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| May 7, 2020 at 10:50 | comment | added | Philippe |
'Before '"$SearchTerm"' After' yields Before $SearchTerm After, whereas 'Before "'"$SearchTerm"'" After' yields Before "$SearchTerm" After. There is a difference when $SearchTerm contains spaces.
|
|
| May 7, 2020 at 10:07 | comment | added | Porcupine |
@Philippe This also works (from your explanantion): 'Before '"$SearchTerm"' After'. Do you know if the additional double quotes in "'"$SearchTerm"'" unlike '"$SearchTerm"' serves some purpose?
|
|
| Jan 24, 2020 at 9:53 | comment | added | Gordon Davisson | @StéphaneChazelas You're right, I mixed up the quoting levels. | |
| Jan 22, 2020 at 10:32 | comment | added | Kusalananda♦ |
@StéphaneChazelas There are safer ways to achieve the same effect. By using a callback function instead of giving the sh -c script a chunk of code, for example.
|
|
| Jan 22, 2020 at 10:22 | comment | added | Stéphane Chazelas |
@GordonDavisson, single quotes are not going to be much of a problem there. The user only needs to bear in mind that the argument to FIND has to be shell code that is valid within double quotes. FIND "\$d/it's cool" would happily return the searchable directories that contain a regular file called it's cool. But you'd need FIND '$d/it\"s cool' to find directories that contain a it"s cool file.
|
|
| Jan 22, 2020 at 10:17 | comment | added | Stéphane Chazelas | @Kusalananda, that's clearly what the OP wants, they want to run arbitrary code (at least arbitrary expansions) for each of the selected directories. | |
| Jan 22, 2020 at 9:30 | comment | added | Philippe | I do agree. The solution I gave is what I think he wanted to do, and I assume he has total control of $SearchTerm. | |
| Jan 22, 2020 at 9:06 | comment | added | Kusalananda♦ | This introduces a code injection vulnerability as you are modifying the actual script that you're later running. | |
| Jan 22, 2020 at 8:27 | history | edited | Philippe | CC BY-SA 4.0 |
added 687 characters in body
|
| Jan 22, 2020 at 8:08 | comment | added | Porcupine |
@Philippe Could you please explain a bit more about how quoting "'"${SearchTerm}"'" helps in keeping it outside sh -c?
|
|
| Jan 22, 2020 at 1:00 | history | edited | Philippe | CC BY-SA 4.0 |
added 1 character in body
|
| Jan 22, 2020 at 0:38 | history | answered | Philippe | CC BY-SA 4.0 |