commit 28fa4a2f03e2232d95dec9dc2b8ef40857d725db · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

Escape all shell arguments uniformly

zimbatm.tngl.sh 9 years ago 28fa4a2f 852e9c30

+20 -19

9 changed files

expand all

unified split

lib

strings.nix

nixos

modules

security

acme.nix

services

mail

opendkim.nix

misc

taskserver

default.nix

networking

ejabberd.nix

pkgs

build-support

windows

controller

default.nix

development

ruby-modules

bundler-env

default.nix

gem

default.nix

servers

x11

xquartz

default.nix

+10 -1

lib/strings.nix

··· 213 213 escapeShellArg "so([<>])me" 214 214 => "so\$\\[\\<\\>\\]\$me" 215 215 */ 216 - escapeShellArg = lib.escape (stringToCharacters "\\ ';$`()|<>\t*[]"); 216 + escapeShellArg = arg: 217 + lib.escape (stringToCharacters "\\ ';$`()|<>\t*[]") (toString arg); 218 + 219 + /* Escape all arguments to be passed to the Bourne shell. 220 + 221 + Example: 222 + escapeShellArgs ["one" "two three"] 223 + => "one two\\ three" 224 + */ 225 + escapeShellArgs = concatMapStringsSep " " escapeShellArg; 217 226 218 227 /* Obsolete - use replaceStrings instead. */ 219 228 replaceChars = builtins.replaceStrings or (

+1 -1

nixos/modules/security/acme.nix

··· 187 187 script = '' 188 188 cd '${cpath}' 189 189 set +e 190 - simp_le ${concatMapStringsSep " " (arg: escapeShellArg (toString arg)) cmdline} 190 + simp_le ${escapeShellArgs cmdline} 191 191 EXITCODE=$? 192 192 set -e 193 193 echo "$EXITCODE" > /tmp/lastExitCode

+1 -1

nixos/modules/services/mail/opendkim.nix

··· 101 101 wantedBy = [ "multi-user.target" ]; 102 102 103 103 serviceConfig = { 104 - ExecStart = "${pkgs.opendkim}/bin/opendkim ${concatMapStringsSep " " escapeShellArg args}"; 104 + ExecStart = "${pkgs.opendkim}/bin/opendkim ${escapeShellArgs args}"; 105 105 User = cfg.user; 106 106 Group = cfg.group; 107 107 RuntimeDirectory = optional (cfg.socket == defaultSock) "opendkim";

-2

nixos/modules/services/misc/taskserver/default.nix

··· 152 152 }; 153 153 }; 154 154 155 - mkShellStr = val: "'${replaceStrings ["'"] ["'\\''"] val}'"; 156 - 157 155 certtool = "${pkgs.gnutls.bin}/bin/certtool"; 158 156 159 157 nixos-taskserver = pkgs.buildPythonPackage {

+1 -1

nixos/modules/services/networking/ejabberd.nix

··· 13 13 14 14 ectl = ''${cfg.package}/bin/ejabberdctl ${if cfg.configFile == null then "" else "--config ${cfg.configFile}"} --ctl-config "${ctlcfg}" --spool "${cfg.spoolDir}" --logs "${cfg.logsDir}"''; 15 15 16 - dumps = lib.concatMapStringsSep " " lib.escapeShellArg cfg.loadDumps; 16 + dumps = lib.escapeShellArgs cfg.loadDumps; 17 17 18 18 in { 19 19

+1 -3

pkgs/build-support/vm/windows/controller/default.nix

··· 71 71 }; 72 72 }; 73 73 74 - shellEscape = x: "'${replaceChars ["'"] [("'\\'" + "'")] x}'"; 75 - 76 74 loopForever = "while :; do ${coreutils}/bin/sleep 1; done"; 77 75 78 76 initScript = writeScript "init.sh" ('' ··· 132 130 -o StrictHostKeyChecking=no \ 133 131 -i /ssh.key \ 134 132 -l Administrator \ 135 - 192.168.0.1 -- ${shellEscape command} 133 + 192.168.0.1 -- ${lib.escapeShellArg command} 136 134 '') + optionalString (suspendTo != null) '' 137 135 ${coreutils}/bin/touch /xchg/suspend_now 138 136 ${loopForever}

+2 -4

pkgs/development/ruby-modules/bundler-env/default.nix

··· 16 16 }@args: 17 17 18 18 let 19 - 20 - shellEscape = x: "'${lib.replaceChars ["'"] [("'\\'" + "'")] x}'"; 21 19 importedGemset = import gemset; 22 20 filteredGemset = (lib.filterAttrs (name: attrs: 23 21 if (builtins.hasAttr "groups" attrs) ··· 58 56 "${confFiles}/Gemfile" \ 59 57 "$out/${ruby.gemPath}" \ 60 58 "${bundler}/${ruby.gemPath}" \ 61 - ${shellEscape (toString envPaths)} \ 62 - ${shellEscape (toString groups)} 59 + ${lib.escapeShellArg envPaths} \ 60 + ${lib.escapeShellArg groups} 63 61 '' + lib.optionalString (postBuild != null) postBuild; 64 62 passthru = rec { 65 63 inherit ruby bundler meta gems;

+3 -4

pkgs/development/ruby-modules/gem/default.nix

··· 18 18 # Normal gem packages can be used outside of bundler; a binstub is created in 19 19 # $out/bin. 20 20 21 - { lib, ruby, bundler, fetchurl, fetchgit, makeWrapper, git, 22 - buildRubyGem, darwin 21 + { lib, fetchurl, fetchgit, makeWrapper, git, darwin 22 + , ruby, bundler 23 23 } @ defs: 24 24 25 25 lib.makeOverridable ( ··· 53 53 , ...} @ attrs: 54 54 55 55 let 56 - shellEscape = x: "'${lib.replaceChars ["'"] [("'\\'" + "'")] x}'"; 57 56 src = attrs.src or ( 58 57 if type == "gem" then 59 58 fetchurl { ··· 165 164 ${src} \ 166 165 ${attrs.rev} \ 167 166 ${version} \ 168 - ${shellEscape (toString buildFlags)} 167 + ${lib.escapeShellArgs buildFlags} 169 168 ''} 170 169 171 170 ${lib.optionalString (type == "gem") ''

+1 -2

pkgs/servers/x11/xquartz/default.nix

··· 37 37 # that point into the user's profile. 38 38 39 39 let 40 - shellEscape = x: "'${lib.replaceChars ["'"] [("'\\'" + "'")] x}'"; 41 40 installer = writeScript "xquartz-install" '' 42 41 NIX_LINK=$HOME/.nix-profile 43 42 ··· 138 137 defaultStartX="$out/bin/startx -- $out/bin/Xquartz" 139 138 140 139 ruby ${./patch_plist.rb} \ 141 - ${shellEscape (builtins.toXML { 140 + ${lib.escapeShellArg (builtins.toXML { 142 141 XQUARTZ_DEFAULT_CLIENT = "${xterm}/bin/xterm"; 143 142 XQUARTZ_DEFAULT_SHELL = "${shell}"; 144 143 XQUARTZ_DEFAULT_STARTX = "@STARTX@";