Project

General

Profile

Actions

Bug #14765

closed

Arguments passed to Open3.popen3() are not interpreted as wildcards

Added by Rushyanth (Rushyanth reddy) almost 6 years ago. Updated almost 6 years ago.

Status:
Rejected
Assignee:
-
Target version:
-
[ruby-core:87078]

Description

In console when we write

stdin, stdout, stderr, wait_thr = Open3.popen4("cat .*.yml")
stdout.readlines

All the files with names starting with . and ending in .yml are shown
But when we do

stdin, stdout, stderr, wait_thr = Open3.popen4("cat", ".*.yml")
stdout.readlines

It returns an empty array
stderr.readlines says ["cat: .*.yml: No such file or directory\n"]
Because it is interpreting the string arguments as it is and looking for a file with name .*.yml and not interpreting as in the first case.

Updated by Rushyanth (Rushyanth reddy) almost 6 years ago

In console when we write
stdin, stdout, stderr, wait_thr = Open3.popen3("cat .*.yml")
All the files with names starting with . and ending in .yml are shown
But when we do

stdin, stdout, stderr, wait_thr = Open3.popen3("cat", ".*.yml")

It returns an empty array

stderr.readlines says

["cat: .*.yml: No such file or directory\n"]

Because it is interpreting the string arguments as it is and looking for a file with name .*.yml and not interpreting as in the first case.

Actions #2

Updated by Rushyanth (Rushyanth reddy) almost 6 years ago

  • Tracker changed from Feature to Bug
  • Backport set to 2.3: UNKNOWN, 2.4: UNKNOWN, 2.5: UNKNOWN
Actions #3

Updated by Rushyanth (Rushyanth reddy) almost 6 years ago

  • ruby -v set to 2.3.1

Updated by nobu (Nobuyoshi Nakada) almost 6 years ago

  • Subject changed from Arguments passed to Open3.popen3() are not interpreted as regular expressions to Arguments passed to Open3.popen3() are not interpreted as wildcards
  • Description updated (diff)

What's Open3.popen4?
The bundled library open3.rb does not provide such method.
Maybe a third party's method?

Updated by Rushyanth (Rushyanth reddy) almost 6 years ago

Sorry my bad. That was typing error while raising the issue. Its actually Open3.popen3(). Its mentioned correctly in the subject

Updated by akr (Akira Tanaka) almost 6 years ago

  • Status changed from Open to Rejected

wildcard expansion is done at shell.

If you need shell, specify a command line as one string.

Updated by nobu (Nobuyoshi Nakada) almost 6 years ago

Besides, the array form is to get rid of the expansion by the shell, which might cause security issues.

Updated by Rushyanth (Rushyanth reddy) almost 6 years ago

Suppose I have a variable
x = "abc"
I need to cat a file abc.yml I write

Open3.popen3("cat #{x}.yml") --------------------- (1)

This will lead to Command Injection warning.
So we need to pass the arguments seperately like

Open3.popen3("cat", x+".yml") ------------------- (2)

The second type will not lead to command Injection warning and both cases 1 and 2 work fine

But If I need to retrieve data of many files not just a single file.

Then I need to write

Open3.popen3("cat *.yml") -------- (1)

or

Open3.popen3("cat", "*.yml") ------ (2)

The 1st case works fine but the second case fails .

Because in second case popen3 is interpreting its second argument *.yml as a file name .

But * should actually be interpreted as regular expression character where it retrieves all the file names ending in .yml

Updated by Hanmac (Hans Mackowiak) almost 6 years ago

popen3 uses Process.spawn and this does show this in the docs:

commandline : command line string which is passed to the standard shell
cmdname, arg1, ... : command name and one or more arguments (This form does not use the shell. See below for caveats.)

Updated by nobu (Nobuyoshi Nakada) almost 6 years ago

Open3.popen3("cat", *Dir.glob("*.yml"))
Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0