Advanced variable injection #6

mattsb42-aws · 2019-10-30T01:13:55Z

If environment variable values being injected contain special characters, notably any of ", ', \, and probably more, shlex gets very confused when we attempt to split the command after injection.

The current flow is:

Inject values
shlex.split
shlex.quote

I think that the correct approach here might simply be to:

shlex.split (keeping Add Windows testing and validate command processing #5 in mind)
Inject values in each split command
shlex.quote

The text was updated successfully, but these errors were encountered:

mattsb42-aws · 2019-10-30T19:23:47Z

point to investigate:

Since we're explicitly not passing the command to the shell in the subprocess.run execution, we probably do not need to shlex.quote the values. Test this and make sure; if we don't need to, don't.

mattsb42-aws added the blocks next release This issue must be fixed before the next release label Oct 30, 2019

mattsb42-aws mentioned this issue Oct 30, 2019

Initial implementation #2

Merged

mattsb42-aws mentioned this issue Oct 30, 2019

complete 1.0.0 release blockers #12

Open

7 tasks

mattsb42-aws added this to the 1.0.0 milestone Dec 6, 2019

mattsb42 mentioned this issue Jan 1, 2020

commands that include * break #15

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Advanced variable injection #6

Advanced variable injection #6

mattsb42-aws commented Oct 30, 2019

mattsb42-aws commented Oct 30, 2019

Advanced variable injection #6

Advanced variable injection #6

Comments

mattsb42-aws commented Oct 30, 2019

mattsb42-aws commented Oct 30, 2019