我怎样才能逃避用作Bash的命令行参数的任意字符串? [英] How can I escape an arbitrary string for use as a command line argument in Bash?
问题描述
我有一个字符串列表,我想通过这些字符串作为参数在一个单一的bash命令行调用。对于简单的字母数字串就足够了只是通过他们逐字:
> script.pl富酒吧巴兹是否
富
酒吧
巴兹
是
没有
我明白,如果一个参数包含空格或反斜线或双引号,我需要反斜杠转义双引号和反斜线,然后双引号的说法。
> script.pl富酒吧巴兹\\是\\\\\\\\无\\
富
酒吧
巴兹
是\\不
但是,当一个参数包含一个感叹号,发生这种情况:
> script.pl!富
-bash:未找到事件:富
双引号不工作:
> script.pl!富
-bash:未找到事件:富
也确实反斜杠逃逸(注意反斜线是如何在输出present):
> script.pl\\!富
\\!富
我不知道很多关于猛砸,但是我知道,还有其他的特殊字符,做类似的事情。 什么是安全逃离任意字符串用作Bash的命令行参数的一般程序?让我们假设该字符串可以是任意长度,并包含特殊字符的任意组合。我想一个越狱()
子程序,我可以按照以下(Perl的例子)使用方法:
$ CMD =加盟,图{逃生($ _); } @args;
下面是应当由该功能可以安全地躲过一些例子字符串(我知道的一些这些看起来类似Windows,这是故意的):
是
没有
你好,世界[字符串中有一个逗号和空格]
C:\\ Program Files文件\\ [用反斜杠路径中有空格]
[即一个双引号]
\\ [反斜线]
\\\\ [两个反斜杠]
\\\\\\【三反斜杠]
\\\\\\\\ [四个反斜杠]
\\\\\\\\\\ [五反斜线]
\\ [双引号,反斜线]
\\ T [双引号,反斜线,T]
\\\\ T [双引号,反斜线,反斜线,T]
!1
!一个
!\\ /[双引号,感叹号,反斜杠,正斜杠,单引号,双引号]
杰夫的! [双引号,J,E,F,F,撇号,S,感叹号,双引号]
$ PATH
%路径%
&安培;
&所述;> |&放大器; ^
* @ $$一个$ @#?-_
编辑:
这会做的伎俩?使用反斜线每一个不同寻常的人物,并省略单或双引号。 (例如在Perl,但任何语言可以做到这一点)
子逃逸{
$ _ [0] =〜S /([^ A-ZA-Z0-9 _])/ \\\\ $ 1 /克;
返回$ _ [0];
}
如果你想安全地报价的任何的对击,就可以使用其内置的的printf%Q
格式:
猫strings.txt
:
是
没有
你好,世界
C:\\ Program Files文件\\
\\
\\\\
\\\\\\
\\\\\\\\
\\\\\\\\\\
\\
\\ t
\\\\ŧ
!1
!一个
!\\ /'
杰夫的!
$ PATH
%路径%
&安培;
&所述;> |&放大器; ^
* @ $$一个$ @#?-_
猫quote.sh
:
#!/斌/庆典
而IFS =读-r -d $的'\\ n'
做
printf的%Q$ REPLY
printf的'\\ n'
完成< strings.txt
./ quote.sh
:
是
没有
你好,世界
C:\\\\程序\\文件\\\\
\\
\\\\
\\\\\\\\
\\\\\\\\\\\\
\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\
\\\\\\
\\\\\\Ť
\\\\\\\\\\Ť
\\!1
\\!一个
\\\\!\\\\ / \\'\\
\\杰夫\\的\\!\\
\\ $ PATH
%路径%
\\&安培;
\\< \\> \\ | \\&放大器; \\ ^
\\ * @ \\ $ \\ $ A \\ $ @#\\?-_
这些字符串可以strings.txt被逐字复制到例如回声
来输出原始的字符串。
I have a list of strings and I want to pass those strings as arguments in a single Bash command line call. For simple alphanumeric strings it suffices to just pass them verbatim:
> script.pl foo bar baz yes no
foo
bar
baz
yes
no
I understand that if an argument contains spaces or backslashes or double-quotes, I need to backslash-escape the double-quotes and backslashes, and then double-quote the argument.
> script.pl foo bar baz "\"yes\"\\\"no\""
foo
bar
baz
"yes"\"no"
But when an argument contains an exclamation mark, this happens:
> script.pl !foo
-bash: !foo: event not found
Double quoting doesn't work:
> script.pl "!foo"
-bash: !foo: event not found
Nor does backslash-escaping (notice how the literal backslash is present in the output):
> script.pl "\!foo"
\!foo
I don't know much about Bash yet but I know that there are other special characters which do similar things. What is the general procedure for safely escaping an arbitrary string for use as a command line argument in Bash? Let's assume the string can be of arbitrary length and contain arbitrary combinations of special characters. I would like an escape()
subroutine that I can use as below (Perl example):
$cmd = join " ", map { escape($_); } @args;
Here are some more example strings which should be safely escaped by this function (I know some of these look Windows-like, that's deliberate):
yes
no
Hello, world [string with a comma and space in it]
C:\Program Files\ [path with backslashes and a space in it]
" [i.e. a double-quote]
\ [backslash]
\\ [two backslashes]
\\\ [three backslashes]
\\\\ [four backslashes]
\\\\\ [five backslashes]
"\ [double-quote, backslash]
"\T [double-quote, backslash, T]
"\\T [double-quote, backslash, backslash, T]
!1
!A
"!\/'" [double-quote, exclamation, backslash, forward slash, apostrophe, double quote]
"Jeff's!" [double-quote, J, e, f, f, apostrophe, s, exclamation, double quote]
$PATH
%PATH%
&
<>|&^
*@$$A$@#?-_
EDIT:
Would this do the trick? Escape every unusual character with a backslash, and omit single or double quotes. (Example is in Perl but any language can do this)
sub escape {
$_[0] =~ s/([^a-zA-Z0-9_])/\\$1/g;
return $_[0];
}
If you want to securely quote anything for Bash, you can use its built-in printf %q
formatting:
cat strings.txt
:
yes
no
Hello, world
C:\Program Files\
"
\
\\
\\\
\\\\
\\\\\
"\
"\T
"\\T
!1
!A
"!\/'"
"Jeff's!"
$PATH
%PATH%
&
<>|&^
*@$$A$@#?-_
cat quote.sh
:
#!/bin/bash
while IFS= read -r -d $'\n'
do
printf %q "$REPLY"
printf '\n'
done < strings.txt
./quote.sh
:
yes
no
Hello\,\ world
C:\\Program\ Files\\
\"
\\
\\\\
\\\\\\
\\\\\\\\
\\\\\\\\\\
\"\\
\"\\T
\"\\\\T
\!1
\!A
\"\!\\/\'\"
\"Jeff\'s\!\"
\$PATH
%PATH%
\&
\<\>\|\&\^
\*@\$\$A\$@#\?-_
These strings can be copied verbatim to for example echo
to output the original strings in strings.txt.
这篇关于我怎样才能逃避用作Bash的命令行参数的任意字符串?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!