From 83c4dc641dfc5bd07bbdbfe53c663f97533f17af Mon Sep 17 00:00:00 2001 From: "Dirk-Jan C. Binnema" Date: Sat, 7 Mar 2026 15:49:44 +0200 Subject: mu/lib: fix some possible quoting issues --- lib/utils/mu-utils-file.cc | 5 ++--- lib/utils/mu-utils.hh | 18 +++++++++++++++--- mu/mu-cmd-find.cc | 3 +-- mu/mu-options.cc | 7 +++---- 4 files changed, 21 insertions(+), 12 deletions(-) diff --git a/lib/utils/mu-utils-file.cc b/lib/utils/mu-utils-file.cc index 8f75ff7..56b1c6f 100644 --- a/lib/utils/mu-utils-file.cc +++ b/lib/utils/mu-utils-file.cc @@ -370,7 +370,7 @@ expand_path_real(const std::string& str) int res; wordexp_t result{}; - res = wordexp(str.c_str(), &result, 0); + res = wordexp(str.c_str(), &result, WRDE_NOCMD); if (res != 0) return Err(Error::Code::File, "cannot expand {}; err={}", str, res); else if (auto&n = result.we_wordc; n != 1) { @@ -395,8 +395,7 @@ Mu::expand_path(const std::string& str) return res; // failed... try quoting. - auto qstr{to_string_gchar(g_shell_quote(str.c_str()))}; - return expand_path_real(qstr); + return expand_path_real(shell_quote(str)); } diff --git a/lib/utils/mu-utils.hh b/lib/utils/mu-utils.hh index c465689..5758c31 100644 --- a/lib/utils/mu-utils.hh +++ b/lib/utils/mu-utils.hh @@ -497,7 +497,7 @@ to_string(const T& val) * * @return a string_view */ -static inline std::string_view +inline std::string_view to_string_view(const std::string& s) { return std::string_view{s.data(), s.size()}; @@ -510,7 +510,7 @@ to_string_view(const std::string& s) * * @return a std::string, empty if gchar was {} */ -static inline std::string +inline std::string to_string_gchar(gchar*&& str) { std::string s(str?str:""); @@ -524,7 +524,7 @@ to_string_gchar(gchar*&& str) * * @return a std::string, empty if gchar was {} */ -static inline std::string +inline std::string to_string_char(char*&& str) { std::string s(str?str:""); @@ -532,6 +532,18 @@ to_string_char(char*&& str) return s; } +/** + * Shell-quote the given string (as per g_shell_quote()) + * + * @param str some string + * + * @return quoted string + */ +inline std::string shell_quote(const std::string& str) { + return to_string_gchar(g_shell_quote(str.c_str())); +} + + /* * Lexnums are lexicographically sortable string representations of non-negative * integers. Start with 'f' + length of hex-representation number, followed by diff --git a/mu/mu-cmd-find.cc b/mu/mu-cmd-find.cc index d4c7e17..a85bdc8 100644 --- a/mu/mu-cmd-find.cc +++ b/mu/mu-cmd-find.cc @@ -116,8 +116,7 @@ exec_cmd(const Option& msg, const OutputInfo& info, const Options& opts int wait_status{}; GError *err{}; - auto cmdline{mu_format("{} {}", opts.find.exec, - to_string_gchar(g_shell_quote(msg->path().c_str())))}; + auto cmdline{mu_format("{} {}", opts.find.exec, shell_quote(msg->path()))}; if (!g_spawn_command_line_sync(cmdline.c_str(), {}, {}, &wait_status, &err)) return Err(Error::Code::File, &err/*consumed*/, diff --git a/mu/mu-options.cc b/mu/mu-options.cc index 2690529..509255a 100644 --- a/mu/mu-options.cc +++ b/mu/mu-options.cc @@ -1,5 +1,5 @@ /* -** Copyright (C) 2022-2025 Dirk-Jan C. Binnema +** Copyright (C) 2022-2026 Dirk-Jan C. Binnema ** ** This program is free software; you can redistribute it and/or modify it ** under the terms of the GNU General Public License as published by the @@ -140,8 +140,7 @@ to_enum(const IE& ie, std::string_view name) { for(auto&& item: ie) if (item.second.first == name) return item.first; - else - return Nothing; + return Nothing; } /** @@ -826,7 +825,7 @@ show_manpage(Options& opts, const std::string& name) "cannot find 'man' program"); GError* err{}; - const auto cmd{mu_format("{} {}", *manprog, name)}; + const auto cmd{mu_format("{} {}", *manprog, shell_quote(name))}; // run_command0 doesn't work here. auto res = g_spawn_command_line_sync(cmd.c_str(), {}, {}, {}, &err); if (!res) -- cgit v1.0