我怎样才能逃避用作Bash的命令行参数的任意字符串？ [英] How can I escape an arbitrary string for use as a command line argument in Bash?

问题描述

我有一个字符串列表，我想通过这些字符串作为参数在一个单一的bash命令行调用。对于简单的字母数字串就足够了只是通过他们逐字：

 ＆GT; script.pl富酒吧巴兹是否
富
酒吧
巴兹
是
没有
 

我明白，如果一个参数包含空格或反斜线或双引号，我需要反斜杠转义双引号和反斜线，然后双引号的说法。

 ＆GT; script.pl富酒吧巴兹\\是\\\\\\\\无\\
富
酒吧
巴兹
是\\不
 

但是，当一个参数包含一个感叹号，发生这种情况：

 ＆GT; script.pl！富
-bash：未找到事件：富
 

双引号不工作：

 ＆GT; script.pl！富
-bash：未找到事件：富
 

也确实反斜杠逃逸（注意反斜线是如何在输出present）：

 ＆GT; script.pl\\！富
\\！富
 

我不知道很多关于猛砸，但是我知道，还有其他的特殊字符，做类似的事情。 什么是安全逃离任意字符串用作Bash的命令行参数的一般程序？让我们假设该字符串可以是任意长度，并包含特殊字符的任意组合。我想一个越狱（）子程序，我可以按照以下（Perl的例子）使用方法：

  $ CMD =加盟，图{逃生（$ _）; } @args;
 

下面是应当由该功能可以安全地躲过一些例子字符串（我知道的一些这些看起来类似Windows，这是故意的）：

 是
没有
你好，世界[字符串中有一个逗号和空格]
C：\\ Program Files文件\\ [用反斜杠路径中有空格]
[即一个双引号]
\\ [反斜线]
\\\\ [两个反斜杠]
\\\\\\【三反斜杠]
\\\\\\\\ [四个反斜杠]
\\\\\\\\\\ [五反斜线]
\\ [双引号，反斜线]
\\ T [双引号，反斜线，T]
\\\\ T [双引号，反斜线，反斜线，T]
！1
！一个
！\\ /[双引号，感叹号，反斜杠，正斜杠，单引号，双引号]
杰夫的！ [双引号，J，E，F，F，撇号，S，感叹号，双引号]
$ PATH
％路径％
＆安培;
＆所述;＆GT; |＆放大器; ^
* @ $$一个$ @＃？-_
 

编辑：

这会做的伎俩？使用反斜线每一个不同寻常的人物，并省略单或双引号。 （例如在Perl，但任何语言可以做到这一点）

 子逃逸{
    $ _ [0] =〜S /（[^ A-ZA-Z0-9 _]）/ \\\\ $ 1 /克;
    返回$ _ [0];
}
 

解决方案

如果你想安全地报价的任何的对击，就可以使用其内置的的printf％Q 格式：

猫strings.txt ：

 是
没有
你好，世界
C：\\ Program Files文件\\

\\
\\\\
\\\\\\
\\\\\\\\
\\\\\\\\\\
\\
\\ t
\\\\ŧ
！1
！一个
！\\ /'
杰夫的！
$ PATH
％路径％
＆安培;
＆所述;＆GT; |＆放大器; ^
* @ $$一个$ @＃？-_
 

猫quote.sh ：

 ＃！/斌/庆典
而IFS =读-r -d $的'\\ n'
做
    printf的％Q$ REPLY
    printf的'\\ n'
完成＆LT; strings.txt
 

./ quote.sh ：

 是
没有
你好，世界
C：\\\\程序\\文件\\\\
\\
\\\\
\\\\\\\\
\\\\\\\\\\\\
\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\
\\\\\\
\\\\\\Ť
\\\\\\\\\\Ť
\\！1
\\！一个
\\\\！\\\\ / \\'\\
\\杰夫\\的\\！\\
\\ $ PATH
％路径％
\\＆安培;
\\＆LT; \\＆GT; \\ | \\＆放大器; \\ ^
\\ * @ \\ $ \\ $ A \\ $ @＃\\？-_
 

这些字符串可以strings.txt被逐字复制到例如回声来输出原始的字符串。

I have a list of strings and I want to pass those strings as arguments in a single Bash command line call. For simple alphanumeric strings it suffices to just pass them verbatim:

> script.pl foo bar baz yes no
foo
bar
baz
yes
no

I understand that if an argument contains spaces or backslashes or double-quotes, I need to backslash-escape the double-quotes and backslashes, and then double-quote the argument.

> script.pl foo bar baz "\"yes\"\\\"no\""
foo
bar
baz
"yes"\"no"

But when an argument contains an exclamation mark, this happens:

> script.pl !foo
-bash: !foo: event not found

Double quoting doesn't work:

> script.pl "!foo"
-bash: !foo: event not found

Nor does backslash-escaping (notice how the literal backslash is present in the output):

> script.pl "\!foo"
\!foo

I don't know much about Bash yet but I know that there are other special characters which do similar things. What is the general procedure for safely escaping an arbitrary string for use as a command line argument in Bash? Let's assume the string can be of arbitrary length and contain arbitrary combinations of special characters. I would like an escape() subroutine that I can use as below (Perl example):

$cmd = join " ", map { escape($_); } @args;

Here are some more example strings which should be safely escaped by this function (I know some of these look Windows-like, that's deliberate):

yes
no
Hello, world      [string with a comma and space in it]
C:\Program Files\ [path with backslashes and a space in it]
"                 [i.e. a double-quote]
\                 [backslash]
\\                [two backslashes]
\\\               [three backslashes]
\\\\              [four backslashes]
\\\\\             [five backslashes]
"\                [double-quote, backslash]
"\T               [double-quote, backslash, T]
"\\T              [double-quote, backslash, backslash, T]
!1                
!A                
"!\/'"            [double-quote, exclamation, backslash, forward slash, apostrophe, double quote]
"Jeff's!"         [double-quote, J, e, f, f, apostrophe, s, exclamation, double quote]
$PATH             
%PATH%            
&                 
<>|&^             
*@$$A$@#?-_       

EDIT:

Would this do the trick? Escape every unusual character with a backslash, and omit single or double quotes. (Example is in Perl but any language can do this)

sub escape {
    $_[0] =~ s/([^a-zA-Z0-9_])/\\$1/g;
    return $_[0];
}

解决方案

If you want to securely quote anything for Bash, you can use its built-in printf %q formatting:

cat strings.txt:

yes
no
Hello, world
C:\Program Files\
"
\
\\
\\\
\\\\
\\\\\
"\
"\T
"\\T
!1
!A
"!\/'"
"Jeff's!"
$PATH
%PATH%
&
<>|&^
*@$$A$@#?-_

cat quote.sh:

#!/bin/bash
while IFS= read -r -d $'\n'
do
    printf %q "$REPLY"
    printf '\n'
done < strings.txt

./quote.sh:

yes
no
Hello\,\ world
C:\\Program\ Files\\
\"
\\
\\\\
\\\\\\
\\\\\\\\
\\\\\\\\\\
\"\\
\"\\T
\"\\\\T
\!1
\!A
\"\!\\/\'\"
\"Jeff\'s\!\"
\$PATH
%PATH%
\&
\<\>\|\&\^
\*@\$\$A\$@#\?-_

These strings can be copied verbatim to for example echo to output the original strings in strings.txt.

这篇关于我怎样才能逃避用作Bash的命令行参数的任意字符串？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！