fix ENC 'echo' script template to prevent expansion #255
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Huh. For whatever reason, the test failing here was not failing when run locally (I'm assuming this was my error in some way, because the test obviously should have failed). I'll push a fix for the test in the morning. |
Currently the template script for creating the 'echo' script used for ENC data wraps the data provided by the actual ENC in `cat <<-EOF`, which causes the enclosed data to be variable-expanded, escape characters (like double backslashes) to be replaced with their concrete representations, etc. This breaks things horribly if you have (e.g.) JSON data with escaped strings (`"C:\\Windows"`), which will be processed and output without those escapes (`"C:\Windows"`), which is invalid, and definitely not what the user intended under any circumstance. Using the 'quoted' variant of shell heredocs (`cat <<-'EOF'`) stops this expansion.
jhongturney
approved these changes
Feb 1, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overview
This pull request changes functionality (bugfix)
Currently the template script for creating the 'echo' script used for
ENC data wraps the data provided by the actual ENC in
cat <<-EOF,which causes the enclosed data to be variable-expanded, escape
characters (like double backslashes) to be replaced with their
concrete representations, etc.
This breaks things horribly if you have (e.g.) JSON data with
escaped strings (
"C:\\Windows"), which will be processed andoutput without those escapes (
"C:\Windows"), which is invalid,and definitely not what the user intended under any circumstance.
Using the 'quoted' variant of shell heredocs (
cat <<-'EOF') stopsthis expansion/replacement from happening, ensuring that the output
from the echo script is identical to the output of the original ENC script.
Checklist
[x] Make sure that all of the tests pass, and fix any that don't.
[x] Make sure that there is 100%
[n/a] If you have added a new command line option, add corresponding integration test
[n/a] If you have added any new gem dependencies, verify MIT or Apache 20 license
[n/a] If you have added any new gem dependencies, check in
.gemfile