On Fri, 26 Sep 2014, Roy Marples wrote:
Log Message:
Remove \$ as a hidden marker as vis(3) wasn't setting it
and it clobbered VIS_SHELL | VIS_CSTYLE.
This is wrong. "vis -l" outputs \$, and with this change,
unvis won't correctly handle it.
unvis is not intended to reverse shell-style escapes. You can
use the shell's eval command for that.
Doesn't eval kind of defeat the purpose of shell sanitisation
which VIS_SHELL is supposed to achieve? I can always add $ to
"the don't encode this" list for VIS_CSTYLE.
Yes, eval should be avoided if the input in untrusted.
If unvis needs to handle both meanings of \$ (end of line for
output from "vis -l", or '$' for output from the new shell
escaping variant of vis) then it will need a flag to distinguish
the cases. Or vis can be changed to use \044 instead of \$ in the
shell escaping case, which I guess is what you meant by the "don't
encode this" list.
--apb (Alan Barrett)
