procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

quoting when calling external commands from a recipe

2000-04-25 20:33:01
from [Volker Kuhlmann] [Permanent Link] 
The discussion about autoresponders has thrown up the issue of quoting
variabes when handing them to external programs. When these variables
contain user-data (e.g. the email's Subject: ) care must be taken with
special characters like quote marks, spaces, you name it.

Consider this:

  :0 bfw
  | ( S="`echo $MATCH | sed -e 's,/,\\/,g' -e 's/&/\\\\&/g' `"; \

I find it works, even if $MATCH contains all of " ' ` & @ ! $ ( / )
[ { ] } \ | ; # <space> . At a guess it's how /bin/sh handles these
characters when they appear inside doublequotes/backtics.

If $SHELL is /bin/csh things will probably break! One more reason to
have SHELL=/bin/sh in ~/.prcmailrc.

What about handing $MATCH over to sed, e.g. when replacing SOMETHING
with $MATCH, as in

    sed -e 's/\$SUBJECT/'"$MATCH"'/g' <$PROCDIR/vacationmsg

Things will fail badly!

1) The double-quotes around $MATCH are necessary to make the whole
's/.../.../g' only one argument to sed (shell escape).

2) Because sed uses some character to delimit its regular expressions
for the s command, this character inside $MATCH will bomb out sed. Hence
this character must be backslash-escaped for sed. This has nothing to
do with the shell!! At the same time, & also needs to be escaped because
of its special meaning for sed in the replacement text.

The purpose of the line above (S=...) is to do the quoting for sed.

The problem only exists because sed takes both RE and replacement from
the same command line argument. Not doing that is the advantage of
this suggestion:

   | (m4 -DSUBJECT="$MATCH" $PROCDIR/vacationmsg

m4 makes everything following the = up to the end of that command line
argument the content of SUBJECT.


I doubt it, since the object is to protect sed quoting when
it gets called through a shell.  But - hmm.  Can setting noglob
or something like that possibly help?


The shell is not the problem. globbing is therefore irrelevant.


 I still think tr might
be useful, too.


tr replaces one character with another - not useful when we need to
replace one character with two (backslash and the character itself).

Volker
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • quoting when calling external commands from a recipe, Volker Kuhlmann <=
Previous by Date:  Re: generating vacation response, Aaron Schrab
Next by Date:  Re: generating vacation response, Bennett Todd
Previous by Thread:  getting Subject: text into $MATCH, Volker Kuhlmann
Next by Thread:  autoreplay for vacation using procmail, claudio minutella
Indexes:  [Date] [Thread] [Top] [All Lists]