Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: vcs_info: '%' in payloads not escaped

X-seq: zsh-workers 40277
From: Daniel Shahaf <d.s@xxxxxxxxxxxxxxxxxx>
To: Frank Terbeck <ft@xxxxxxxxxxxxxxxxxxx>
Subject: Re: vcs_info: '%' in payloads not escaped
Date: Fri, 6 Jan 2017 02:21:28 +0000
Cc: zsh-workers@xxxxxxx
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= daniel.shahaf.name; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc:x-sasl-enc; s= mesmtp; bh=2nlB3V7dy81xuyhudTOq/nqu7EQ=; b=a5BkxaU329+ZmoVRwfDBr kkoQwpi8gLO9VUhzCQczp+gEJ4C9Slzfp8C8h9BZIyqclPv4q8wx3U+q8P2cxnVr dZKe8uu17H8/XiaE3oTJUMqNhw7pLB9MeAkBgf8VMNy0CemCWGMcNRsPpOFZYc0j 6op4CmOhtLDvJWzraGSXwE=
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc:x-sasl-enc; s= smtpout; bh=2nlB3V7dy81xuyhudTOq/nqu7EQ=; b=Y2hBC6oe0813iO4EwS0t 6tLh0vkBGjcRgPrhFt62VTL6o8zuw0Ca1GzUZ19bNKWQ7ymGfefMSRNPenLm1opU c+pOyNy9FwBMl6mVtinSz+s+43nf4XEgGEiA8EImt7Oi66LgwQ8xJ24AlexHyDlG 4lNcG5phhg5kvoXvJrN3R0Q=
In-reply-to: <871swhqxph.fsf@ft.bewatermyfriend.org>
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
References: <20161227150507.GA20351@fujitsu.shahaf.local2> <20170105160730.GA21106@fujitsu.shahaf.local2> <871swhqxph.fsf@ft.bewatermyfriend.org>

Frank Terbeck wrote on Thu, Jan 05, 2017 at 17:27:06 +0100:
> Hey Daniel!
> 
> Daniel Shahaf wrote:
> [...]
> > How about the following?
> >          else
> >              git_applied_s=""
> >          fi
> > +        git_applied_s=${git_applied_s//'%'/%%}
> >      else
> [...]
> >          git_patches_unapplied=${#git_patches_unapplied}
> > +        git_patches_unapplied=${git_patches_unapplied//'%'/%%}
> >      else
> 
> I honestly don't know. Isn't this like kind-of-predictable behavior
> versus a — potentially — a lot of special cases? I don't think that it's
> possible to get this right in the general case. It's in-band data that
> is indistinguishable from data that is interpreted by something that
> interprets zsh's prompt language.

A lot of special cases, how?  $git_applied_s contains a string derived
from git, so we know that any and all percent signs in it need escaping.
That's why the escaping is done before the first zformat call, and only
if user hooks were not called: because that's the only case in which we
know for certain what does and doesn't need escaping.

With this patch, the following invariant holds: immediately after the
`fi` that ends the `if VCS_INFO_hook …` condition, $git_applied_s is
properly %-escaped — either via the hook obeying the `Oddities'
contract, or (if there's no hook) via the code added by this patch.

I'm sure there's a way to escape payloads sanely, and we just need to
figure out what that is...

Cheers,

Daniel

Follow-Ups:
- Re: vcs_info: '%' in payloads not escaped
  - From: Frank Terbeck

References:
- Re: vcs_info: '%' in payloads not escaped
  - From: Daniel Shahaf
- Re: vcs_info: '%' in payloads not escaped
  - From: Frank Terbeck

Messages sorted by: Reverse Date, Date, Thread, Author