From: August Karlstrom on
Hi,

How do I escape all meta characters in $foo in the command

sed s/$foo/bar/


Regards

August
From: Teemu Likonen on
* 2010-02-28 18:48 (+0100), August Karlstrom wrote:

> How do I escape all meta characters in $foo in the command
>
> sed s/$foo/bar/

#!/bin/sh
quote-regexp () {
    printf '%s\n' "$1" | sed -e 's,[]/[\^$.*],\\&,g'
}

foo=something
foo_escaped=$(quote-regexp "$foo")
sed -e "s/$foo_escaped/bar/"

Note that the function escapes the "/" character too because that
character will be used in the final sed's s/// command.
From: August Karlstrom on
Teemu Likonen wrote:
> * 2010-02-28 18:48 (+0100), August Karlstrom wrote:
>
>> How do I escape all meta characters in $foo in the command
>>
>> sed s/$foo/bar/
>
> #!/bin/sh
> quote-regexp () {
> printf '%s\n' "$1" | sed -e 's,[]/[\^$.*],\\&,g'
> }
>
> foo=something
> foo_escaped=$(quote-regexp "$foo")
> sed -e "s/$foo_escaped/bar/"
>
> Note that the function escapes "/" character too because the character
> will be used in the final sed's s/// command.

Thanks Teemu. I thought there would be a standard command for quoting
regular expressions.


August
From: Barry Margolin on
In article <4b8ae56c$0$4279$6e1ede2f(a)read.cnntp.org>,
August Karlstrom <fusionfile(a)gmail.com> wrote:

> Teemu Likonen wrote:
> > * 2010-02-28 18:48 (+0100), August Karlstrom wrote:
> >
> >> How do I escape all meta characters in $foo in the command
> >>
> >> sed s/$foo/bar/
> >
> > #!/bin/sh
> > quote-regexp () {
> > printf '%s\n' "$1" | sed -e 's,[]/[\^$.*],\\&,g'
> > }
> >
> > foo=something
> > foo_escaped=$(quote-regexp "$foo")
> > sed -e "s/$foo_escaped/bar/"
> >
> > Note that the function escapes "/" character too because the character
> > will be used in the final sed's s/// command.
>
> Thanks Teemu. I thought there would be a standard command for quoting
> regular expressions.

There is if you're using Perl, but not in shell.

--
Barry Margolin, barmar(a)alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
From: Mark Hobley on
Teemu Likonen <tlikonen(a)iki.fi> wrote:
> #!/bin/sh
> quote-regexp () {
> printf '%s\n' "$1" | sed -e 's,[]/[\^$.*],\\&,g'
> }
>
> foo=something
> foo_escaped=$(quote-regexp "$foo")
> sed -e "s/$foo_escaped/bar/"

Is that CGI safe? Will a string in double quotes always remain intact, or is it
possible to close the quotes and insert a command by maliciously malforming
$foo to contain quotes, null characters, and other such stuff?

For example from the above code, is it possible to break this at the points
marked below:

    foo_escaped=$(quote-regexp "$foo")
                                ^
                                |
                  could foo close the quotes here and do
                  something bad?

Or what about in quote-regexp itself?
                       |
                       |
    quote-regexp () {  V
        printf '%s\n' "$1" | sed -e 's,[]/[\^$.*],\\&,g'


If it is CGI safe, is it CGI safe with all Bourne-compatible shells, or do
some break?

Mark.

--
Mark Hobley
Linux User: #370818 http://markhobley.yi.org/
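
An added example, not part of any post in this thread: the quoting function from above run over constructed needles that contain regex metacharacters, quotes and shell-looking syntax, checking that each one is matched as plain text. The names quote_regexp (spelled with "_" because POSIX sh function names cannot contain "-"), replace_literal and check_inputs, and the rejection of embedded newlines, are assumptions of this example.

```shell
#!/bin/sh
# Added example. POSIX sh function names may not contain "-", so the thread's
# quote-regexp is spelled quote_regexp here; the sed expression is unchanged.
nl='
'
quote_regexp() {
    case $1 in
        *"$nl"*) return 1 ;;  # a raw newline would end the s command early
    esac
    printf '%s\n' "$1" | sed -e 's,[]/[\^$.*],\\&,g'
}

# replace_literal NEEDLE: filter stdin, replacing the first NEEDLE on each
# line with the fixed word "bar". NEEDLE is treated as text, not as a regex.
replace_literal() {
    _pat=$(quote_regexp "$1") || return 1
    # The shell does not re-scan the *result* of "$_pat" for quotes, $( ) or
    # backticks: expansion happens once, so sed receives exactly one argument.
    sed -e "s/$_pat/bar/"
}

# Constructed test needles: regex metacharacters plus shell-looking syntax.
check_inputs() {
    for needle in 'a.b*c' '[x]^$' 'p/q\r' \
                  '"; echo injected; "' '$(id)' '`id`' "it's"; do
        out=$(printf 'pre %s post\n' "$needle" | replace_literal "$needle") ||
            return 1
        if [ "$out" != 'pre bar post' ]; then
            printf 'not matched literally: %s\n' "$needle" >&2
            return 1
        fi
    done
}

check_inputs && echo 'every needle matched as literal text'
```

The replacement side is a fixed word here; a caller-supplied replacement would need its own escaping of "/", "&" and "\" before being placed in the s command.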