On Tue, Jun 29, 2021 at 02:58:28PM -0700, L A Walsh wrote:
> njobs() { printf ${1:+-v $1} "%s\n" "$(jobs |wc -l)"; }
>
> Using that with your input:
>
> njobs 'x[0$(date >&2)]'
>
> bash: printf: `x[0$(date': not a valid identifier

This is because you didn't quote "$1". Since you only ever tested the cases where $1 was a valid variable name, you never ran into that particular result... until now.

As you can see, the unquoted $1 underwent word splitting, so you're effectively running printf -v 'x[0$(date' '>&2)]' '%s\n' "...".

This won't protect against all code injections, of course; only the ones that contain a whitespace character.
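
Added example, not part of the original message or of either poster's code: a hardened variant of the quoted njobs that shows the word splitting described above and checks the variable name before it reaches printf -v. The helper names is_plain_name, count_words and put_value are hypothetical, and accepting only plain identifiers (no subscripts) is an assumption of this sketch.

```bash
#!/usr/bin/env bash
# Added example (not from the thread). Helper names are hypothetical.

# Succeed only for a plain shell identifier: no subscript, no expansion syntax.
is_plain_name() {
    [[ $1 =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]]
}

# Report how many words the unquoted ${1:+-v $1} from the quoted njobs yields.
# Runs in a subshell with globbing off so only word splitting is measured.
count_words() (
    set -f
    set -- ${1:+-v $1}    # intentionally unquoted, as in the original
    echo "$#"
)

# Store VALUE in variable NAME with printf -v, or print VALUE if NAME is empty.
# NAME is validated first and is always passed quoted.
put_value() {
    local __name=$1 __value=$2
    if [[ -z $__name ]]; then
        printf '%s\n' "$__value"
    elif is_plain_name "$__name"; then
        printf -v "$__name" '%s' "$__value"
    else
        printf 'put_value: refusing variable name: %q\n' "$__name" >&2
        return 2
    fi
}

# Same interface as the quoted function; $(( )) strips any padding from wc.
njobs() { put_value "${1-}" "$(( $(jobs | wc -l) ))"; }

# Input taken from the message above.
demo='x[0$(date >&2)]'
echo "words after unquoted expansion: $(count_words "$demo")"
njobs "$demo" || echo "rejected before printf -v saw it"
njobs total && echo "total=$total"
```

The check rejects the name because of its shape, so it does not depend on whether the input happens to contain whitespace.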