13085 – Prevent escape sequence evaluation in test_give_owner.sh

Bug 13085 - Prevent escape sequence evaluation in test_give_owner.sh

Summary: Prevent escape sequence evaluation in test_give_owner.sh

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	File services (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Ralph Böhme
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:	7933
Blocks:
	Show dependency tree / graph

Reported:	2017-10-13 12:32 UTC by Ralph Böhme
Modified:	2018-07-07 13:01 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ralph Böhme 2017-10-13 12:32:26 UTC

/bin/sh on sn-devel-144 is dash which has a XSI compliant echo builtin. That means echo will always interpret escape sequences in strings, eg

$ /bin/sh -c 'echo -n "\a" | hexdump -C'
00000000  07                                                |.|

There's no way to prevent the echo command from doing this.

In the script test_give_owner.sh echo was used to print an ACE which will contain a DOMAIN\USER substring. If the first character of USER is a valid escape sequence, the resulting string was interpreted as an escape sequence:

$ /bin/sh -c 'echo "FILESERVER\asn"'
FILESERVERsn

The only portable way to print a string without interpreting embedded escape sequences seems to be using printf:

$ /bin/sh -c 'printf "%s\n" "FILESERVER\asn"'
FILESERVER\asn

Comment 1 Ralph Böhme 2018-07-07 13:01:30 UTC

Fixed in 7abf0acef48cb585fa8e5666fd4c27692b9c8ae3.