C for line output for shell argument?

Question

C for line output for shell argument?

Which function should I use to exclude strings for a shell command argument in C?

I have a line:
This is a string with () characters
This will be an error:
echo This is a string with () characters
Everything is good:
echo "This is a string with () characters"
echo This is a string with \(\) characters

Is there a predefined conversion function from # 2 to # 3 in C?

+7

c function shell escaping

Eonil Sep 08 '10 at 14:45

source share

6 answers

There is no predefined function.

However, I believe that it is enough to simply enclose any shell argument in single quotes and make sure that single quotes are escaped.

That the escapeshellarg logic works in PHP, and I believe that it works quite well.

+2

Frerich raabe Sep 08 '10 at 15:08

source share

Nothing is predefined, and what characters require escaping depends on your shell. Look at the documents for your shell and replace each X with \ X. Using double quotation marks "will require the same treatment if the line you insert contains".

Also note that this will get complicated if you intend to encapsulate more complex expressions (for example, something like ";")

+1

jkerian Sep 08 '10 at 15:05

source share

C is not my choice language, but here is what I came up with (to answer the same question myself).

 #include <stdio.h> // sprintf #include <stdlib.h> // malloc #include <string.h> // strlen char* escapeshellarg(char* str) { char *escStr; int i, count = strlen(str), ptr_size = count+3; escStr = (char *) calloc(ptr_size, sizeof(char)); if (escStr == NULL) { return NULL; } sprintf(escStr, "'"); for(i=0; i<count; i++) { if (str[i] == '\'') { ptr_size += 3; escStr = (char *) realloc(escStr,ptr_size * sizeof(char))); if (escStr == NULL) { return NULL; } sprintf(escStr, "%s'\\''", escStr); } else { sprintf(escStr, "%s%c", escStr, str[i]); } } sprintf(escStr, "%s%c", escStr, '\''); return escStr; }

Given escape'this' , it will output 'escape'\''this'\''' , which can then be passed to echo .

 $ echo 'escape'\''this'\''' escape'this'

+1

N13 Aug 7 '12 at 21:44

source share

Your second version 3. is simple, no?

 printf("\"%s\"", your string);

0

Jens gustedt Sep 08 '10 at 15:06

source share

Replace each quotation mark with '\'' , then enclose the resulting string in single quotation marks ' :

 char *escapeShellArg( char *arg ) { char *esc; uint16_t i, j, n; n = strlen( arg ); esc = calloc( 1, n * 4 + 3 ); esc[0] = '\''; j = 1; for( i = 0; i < n; i++ ) { if( arg[ i ] == '\'' ) { esc[ j ] = '\''; esc[ j+1 ] = '\\'; esc[ j+2 ] = '\''; esc[ j+3 ] = '\''; j += 4; } else { esc[ j++ ] = arg[ i ]; } } esc[ j ] = '\''; return esc; }

0

Paolo Sep 23 '19 at 21:19

source share

R .. · Accepted Answer · 2010-09-08T16:22:49+0000

Replacing all instances of ' with '\'' , and enclosing the entire string in single quotes ( ' ) is a safe way. This works even with inline newlines. Another method would be to insert a \ in front of each character, except that then you need to do a special treatment for newline, since \ followed by a newline is ignored by the shell, and is not considered a literal newline. You will need to surround the newline characters ' (single quotes).

C for line output for shell argument?

More articles: