Fossil

Check-in [a5ff0050]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Allow arguments with non-ASCII characters for constructed shell commands, as reported here: https://fossil-scm.org/forum/forumpost/81e6854386.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | non-ascii-cmd-args
Files: files | file ages | folders
SHA3-256: a5ff00506bccef939027b8950778125e87dc66a12ab356e5a8ed9d87e6f7a528
User & Date: florian 2019-02-07 17:42:00
Context
2019-02-18
20:44
Allow arguments with non-ASCII characters for constructed shell commands. check-in: 72e4b915 user: drh tags: trunk
2019-02-07
17:42
Allow arguments with non-ASCII characters for constructed shell commands, as reported here: https://fossil-scm.org/forum/forumpost/81e6854386. Closed-Leaf check-in: a5ff0050 user: florian tags: non-ascii-cmd-args
17:18
Update the built-in SQLite to the official 3.27.0 release version. check-in: c56fce69 user: drh tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/blob.c.

1261
1262
1263
1264
1265
1266
1267

1268
1269
1270
1271
1272
1273
1274
1275
#if defined(_WIN32)
  const char cQuote = '"';    /* Use "..." quoting on windows */
#else
  const char cQuote = '\'';   /* Use '...' quoting on unix */
#endif

  for(i=0; (c = zIn[i])!=0; i++){

    if( c==cQuote || c=='\\' || c<' ' || c==';' || c=='*' || c=='?' || c=='[') {
      Blob bad;
      blob_token(pBlob, &bad);
      fossil_fatal("the [%s] argument to the \"%s\" command contains "
                   "a character (ascii 0x%02x) that is a security risk",
                   zIn, blob_str(&bad), c);
    }
    if( !needEscape && !fossil_isalnum(c) && c!='/' && c!='.' && c!='_' ){







>
|







1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
#if defined(_WIN32)
  const char cQuote = '"';    /* Use "..." quoting on windows */
#else
  const char cQuote = '\'';   /* Use '...' quoting on unix */
#endif

  for(i=0; (c = zIn[i])!=0; i++){
    if( c==cQuote || (unsigned char)c<' ' ||
        c=='\\' || c==';' || c=='*' || c=='?' || c=='[' ){
      Blob bad;
      blob_token(pBlob, &bad);
      fossil_fatal("the [%s] argument to the \"%s\" command contains "
                   "a character (ascii 0x%02x) that is a security risk",
                   zIn, blob_str(&bad), c);
    }
    if( !needEscape && !fossil_isalnum(c) && c!='/' && c!='.' && c!='_' ){