Bug in graphics conversion shell script

Angus Leeming Fri, 01 Oct 2004 06:58:17 -0700

Two patches attached, for 1.3.x and 1.4.x. Rationale below.
Ok to apply to 1.3.x, Jean-Marc?
Angus



You'd think that building a shell script, so, would be safe:

        script << "infile="      << QuoteName(infile) << '\n'
               << "infile_base=" << QuoteName(infile_base) << '\n'
               << "outfile="     << QuoteName(outfile) << '\n';

However, here's the resultant script as output by 1.3.x:

#!/bin/sh
infile='/home/angus/Acinus/docs/tree/images/acinus2D_18x17_all.eps'
infile_base='/home/angus/Acinus/docs/tree/images/acinus2D_18x17_all'
outfile='/tmp/lyx_tmpdir3885dddBtF/gconvert03885moFO1B.png'

my_ps2png ${infile} ${outfile} ||
{
        'rm' -f ${outfile}
        exit 1
}

${infile} and ${outfile} expand to strings without those quotes. If the
file names contain spaces or other exotica, we're hosed :-(

For example:
#!/bin/sh
infile='foo bar.eps'
outfile='/tmp/lyx_tmpdir3885dddBtF/gconvert03885moFO1B.png'

my_ps2png ${infile} ${outfile}

Where my_ps2png is:
#! /bin/sh
while [ $# -gt 0 ]
do
        echo $1
        shift 1
done

Results in
foo
bar.eps
/tmp/lyx_tmpdir3885dddBtF/gconvert03885moFO1B.png

All variables must be wrapped in double quotes:
#! /bin/sh
infile='foo bar${PATH}.eps'
outfile='/tmp/lyx_tmpdir3885dddBtF/gconvert03885moFO1B.png'

my_ps2png "${infile}" "${outfile}"

Results in:
foo bar${PATH}.eps
/tmp/lyx_tmpdir3885dddBtF/gconvert03885moFO1B.png

? src/graphics/tmp.diff
Index: status.13x
===================================================================
RCS file: /usr/local/lyx/cvsroot/lyx-devel/Attic/status.13x,v
retrieving revision 1.1.2.199
diff -u -p -r1.1.2.199 status.13x
--- status.13x	22 Sep 2004 15:37:54 -0000	1.1.2.199
+++ status.13x	1 Oct 2004 13:55:41 -0000
@@ -66,6 +66,9 @@ What's new
 
 - Remove extra spaces around math insets in plain text output.
 
+- Quote shell variables correctly in the generated sh script used
+  to control the conversion of graphics images to a loadable format.
+
 * User Interface:
 
 - Use opening quotation marks after an opening square bracket.
Index: src/graphics/ChangeLog
===================================================================
RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/graphics/ChangeLog,v
retrieving revision 1.139.2.6
diff -u -p -r1.139.2.6 ChangeLog
--- src/graphics/ChangeLog	9 Jun 2004 12:35:49 -0000	1.139.2.6
+++ src/graphics/ChangeLog	1 Oct 2004 13:55:42 -0000
@@ -1,3 +1,8 @@
+2004-10-01  Angus Leeming  <[EMAIL PROTECTED]>
+
+	* GraphicsConverter.C (move_file, build_script): protect
+	shell variables with quotes.
+
 2004-06-09  Angus Leeming  <[EMAIL PROTECTED]>
 
 	* PreviewLoader.C (startLoading): remove the "sh " prefix from the
Index: src/graphics/GraphicsConverter.C
===================================================================
RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/graphics/GraphicsConverter.C,v
retrieving revision 1.25.2.1
diff -u -p -r1.25.2.1 GraphicsConverter.C
--- src/graphics/GraphicsConverter.C	3 Nov 2003 11:30:08 -0000	1.25.2.1
+++ src/graphics/GraphicsConverter.C	1 Oct 2004 13:55:42 -0000
@@ -247,16 +247,16 @@ string const move_file(string const & fr
 	ostringstream command;
 	command << "fromfile=" << from_file << "\n"
 		<< "tofile="   << to_file << "\n\n"
-		<< "'mv' -f ${fromfile} ${tofile} ||\n"
+		<< "'mv' -f \"${fromfile}\" \"${tofile}\" ||\n"
 		<< "{\n"
-		<< "\t'cp' -f ${fromfile} ${tofile} ||\n"
+		<< "\t'cp' -f \"${fromfile}\" \"${tofile}\" ||\n"
 		<< "\t{\n"
 		<< "\t\texit 1\n"
 		<< "\t}\n"
-		<< "\t'rm' -f ${fromfile}\n"
+		<< "\t'rm' -f \"${fromfile}\"\n"
 		<< "}\n";
 
-	return STRCONV(command.str());
+	return command.str();
 }
 
 
@@ -319,9 +319,9 @@ bool build_script(string const & from_fi
 		       << "outfile="     << QuoteName(outfile) << '\n';
 
 		string command = conv.command;
-		command = subst(command, token_from, "${infile}");
-		command = subst(command, token_base, "${infile_base}");
-		command = subst(command, token_to,   "${outfile}");
+		command = subst(command, token_from, "\"${infile}\"");
+		command = subst(command, token_base, "\"${infile_base}\"");
+		command = subst(command, token_to,   "\"${outfile}\"");
 		command = LibScriptSearch(command);
 
 		// Store in the shell script
@@ -330,7 +330,7 @@ bool build_script(string const & from_fi
 		// Test that this was successful. If not, remove
 		// ${outfile} and exit the shell script
 		script << "{\n"
-		       << "\t'rm' -f ${outfile}\n"
+		       << "\t'rm' -f \"${outfile}\"\n"
 		       << "\texit 1\n"
 		       << "}\n\n";
 
@@ -339,10 +339,10 @@ bool build_script(string const & from_fi
 		// ${outfile}.1.
 		// If this occurs, move ${outfile}.0 to ${outfile}
 		// and delete ${outfile}.?
-		script << "if [ ! -f ${outfile} ]; then\n"
-		       << "\tif [ -f ${outfile}.0 ]; then\n"
-		       << "\t\t'mv' -f ${outfile}.0 ${outfile}\n"
-		       << "\t\t'rm' -f ${outfile}.?\n"
+		script << "if [ ! -f \"${outfile}\" ]; then\n"
+		       << "\tif [ -f \"${outfile}\".0 ]; then\n"
+		       << "\t\t'mv' -f \"${outfile}\".0 \"${outfile}\"\n"
+		       << "\t\t'rm' -f \"${outfile}\".?\n"
 		       << "\telse\n"
 		       << "\t\texit 1\n"
 		       << "\tfi\n"
@@ -350,12 +350,12 @@ bool build_script(string const & from_fi
 
 		// Delete the infile, if it isn't the original, from_file.
 		if (infile != from_file) {
-			script << "'rm' -f ${infile}\n\n";
+			script << "'rm' -f \"${infile}\"\n\n";
 		}
 	}
 
 	// Move the final outfile to to_file
-	script << move_file("${outfile}", QuoteName(to_file));
+	script << move_file("\"${outfile}\"", QuoteName(to_file));
 	lyxerr[Debug::GRAPHICS] << "ready!" << endl;
 
 	return true;

Index: src/graphics/ChangeLog
===================================================================
RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/graphics/ChangeLog,v
retrieving revision 1.208
diff -u -p -r1.208 ChangeLog
--- src/graphics/ChangeLog	26 Sep 2004 14:19:47 -0000	1.208
+++ src/graphics/ChangeLog	1 Oct 2004 13:55:08 -0000
@@ -1,3 +1,8 @@
+2004-10-01  Angus Leeming  <[EMAIL PROTECTED]>
+
+	* GraphicsConverter.C (move_file, build_script): protect
+	shell variables with quotes.
+
 2004-09-26  Lars Gullik Bjonnes  <[EMAIL PROTECTED]>
 
 	* pch.h: use proper signal include
Index: src/graphics/GraphicsConverter.C
===================================================================
RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/graphics/GraphicsConverter.C,v
retrieving revision 1.44
diff -u -p -r1.44 GraphicsConverter.C
--- src/graphics/GraphicsConverter.C	26 Sep 2004 14:19:47 -0000	1.44
+++ src/graphics/GraphicsConverter.C	1 Oct 2004 13:55:08 -0000
@@ -256,13 +256,13 @@ string const move_file(string const & fr
 	ostringstream command;
 	command << "fromfile=" << from_file << "\n"
 		<< "tofile="   << to_file << "\n\n"
-		<< "'mv' -f ${fromfile} ${tofile} ||\n"
+		<< "'mv' -f \"${fromfile}\" \"${tofile}\" ||\n"
 		<< "{\n"
-		<< "\t'cp' -f ${fromfile} ${tofile} ||\n"
+		<< "\t'cp' -f \"${fromfile}\" \"${tofile}\" ||\n"
 		<< "\t{\n"
 		<< "\t\texit 1\n"
 		<< "\t}\n"
-		<< "\t'rm' -f ${fromfile}\n"
+		<< "\t'rm' -f \"${fromfile}\"\n"
 		<< "}\n";
 
 	return command.str();
@@ -328,9 +328,9 @@ bool build_script(string const & from_fi
 		       << "outfile="     << QuoteName(outfile) << '\n';
 
 		string command = conv.command;
-		command = subst(command, token_from, "${infile}");
-		command = subst(command, token_base, "${infile_base}");
-		command = subst(command, token_to,   "${outfile}");
+		command = subst(command, token_from, "\"${infile}\"");
+		command = subst(command, token_base, "\"${infile_base}\"");
+		command = subst(command, token_to,   "\"${outfile}\"");
 		command = LibScriptSearch(command);
 
 		// Store in the shell script
@@ -339,7 +339,7 @@ bool build_script(string const & from_fi
 		// Test that this was successful. If not, remove
 		// ${outfile} and exit the shell script
 		script << "{\n"
-		       << "\t'rm' -f ${outfile}\n"
+		       << "\t'rm' -f \"${outfile}\"\n"
 		       << "\texit 1\n"
 		       << "}\n\n";
 
@@ -348,10 +348,10 @@ bool build_script(string const & from_fi
 		// ${outfile}.1.
 		// If this occurs, move ${outfile}.0 to ${outfile}
 		// and delete ${outfile}.?
-		script << "if [ ! -f ${outfile} ]; then\n"
-		       << "\tif [ -f ${outfile}.0 ]; then\n"
-		       << "\t\t'mv' -f ${outfile}.0 ${outfile}\n"
-		       << "\t\t'rm' -f ${outfile}.?\n"
+		script << "if [ ! -f \"${outfile}\" ]; then\n"
+		       << "\tif [ -f \"${outfile}\".0 ]; then\n"
+		       << "\t\t'mv' -f \"${outfile}\".0 \"${outfile}\"\n"
+		       << "\t\t'rm' -f \"${outfile}\".?\n"
 		       << "\telse\n"
 		       << "\t\texit 1\n"
 		       << "\tfi\n"
@@ -359,12 +359,12 @@ bool build_script(string const & from_fi
 
 		// Delete the infile, if it isn't the original, from_file.
 		if (infile != from_file) {
-			script << "'rm' -f ${infile}\n\n";
+			script << "'rm' -f \"${infile}\"\n\n";
 		}
 	}
 
 	// Move the final outfile to to_file
-	script << move_file("${outfile}", QuoteName(to_file));
+	script << move_file("\"${outfile}\"", QuoteName(to_file));
 	lyxerr[Debug::GRAPHICS] << "ready!" << endl;
 
 	return true;

Bug in graphics conversion shell script

Reply via email to