2014-11-21 10:45:53 +0800, konsolebox:
[...]
> blackbox() {
> [[ $1 == [[:alpha:]_]*([[:alnum:]_]) ]] || return 1 ## Or use
> print_error_message_and_exit().
> declare -n arg=$1; printf '%s\n' "$arg" ## Even just using ${!1}
> would work.
> }
[...]
Or use
eval "arg=\${$1}"
Or:
eval "arg=\"\${$1}\"" # for ${array[*]}
which has the benifit to also work with $0, $-, $!, $$,
${array[4]} (but obviously not so well with $1, $?, $#, $arg...)
and as Greg pointed out is not any more dangerous than declare
-n.
> to it is valid since if the user can do "blackbox 'a[b=$(something_evil)]'",
> then why would he not just run something_evil directly anyway. If it's
> anything other than that then it's probably the scripts being called or is
> running the automation that should be questioned.
Greg's point was that "declare -n" is not any less dangerous
than using eval here.
--
Stephane
