Re: Associative array keys are not reusable in (( command

Oğuz Fri, 08 Jan 2021 07:25:37 -0800

8 Ocak 2021 Cuma tarihinde Chet Ramey <chet.ra...@case.edu> yazdı:

> On 1/8/21 5:20 AM, Oğuz wrote:
>
>> See:
>>
>>      $ declare -A assoc=($'\n\'' 42)
>>      $ for key in "${!assoc[@]}"; do (( assoc[$key]++ )); done
>>      bash: ((: assoc[
>>      ']++ : bad array subscript (error token is "assoc[
>>      ']++ ")
>>      $
>>      $ (( assoc[${key@Q}]++ ))
>>      bash: ((: assoc[$'\n\'']++ : bad array subscript (error token is
>> "assoc[$'\n\'']++ ")
>>
>
> This situation is why bash-5.0 introduced the `assoc_expand_once' option.



But it allows arbitrary command injection.

    $ declare -A assoc
    $ key='x],b[$(uname >&2)'
    $ shopt -s assoc_expand_once
    $ (( assoc[$key]++ ))
    Linux


> --
> ``The lyf so short, the craft so long to lerne.'' - Chaucer
>                  ``Ars longa, vita brevis'' - Hippocrates
> Chet Ramey, UTech, CWRU    c...@case.edu    http://tiswww.cwru.edu/~chet/
>


-- 
Oğuz

Re: Associative array keys are not reusable in (( command

Reply via email to