Debian Bug report logs - #259987
bash_completion does not properly quote characters

version graph

Package: bash-completion; Maintainer for bash-completion is Bash Completion Maintainers <bash-completion-devel@lists.alioth.debian.org>; Source for bash-completion is src:bash-completion.

Reported by: Adam Kessel <ajkessel@debian.org>

Date: Sat, 17 Jul 2004 19:03:01 UTC

Severity: important

Tags: security, unreproducible, upstream

Fixed in version 200811xx~bzr1223

Done: David Paleino <d.paleino@gmail.com>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Matthias Klose <doko@debian.org>:
Bug#259987; Package bash. Full text and rfc822 format available.

Acknowledgement sent to Adam Kessel <ajkessel@debian.org>:
New Bug report received and forwarded. Copy sent to Matthias Klose <doko@debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Adam Kessel <ajkessel@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: bash_completion: several completions fail to handle filenames with spaces and other quoted characters
Date: Sat, 17 Jul 2004 14:45:01 -0400
[Message part 1 (text/plain, inline)]
Package: bash
Version: 2.05b-19
Severity: normal

I've noticed that several completions fail when the filename has
characters needing escapes, for example spaces or single quotes.  I could
go through and try to provide a comprehensive list of such failed
completions, but I wonder if there is a more systematic way to insure
that irregular filenames don't trip up completion--after all, it works
fine with standard commands like ls and cat.

Just to give two representative examples:

# ls 'some filename with spaces.iso'
some filename with spaces.iso

# cdrecord some<tab>
filename some spaces.iso with

(i.e., improper completion, it thinks the filename is actually four
separate files)

# cdrecord some\ <tab>
    becomes
  cdrecord some\\\ 
  (and then <tab> again gives no results)

# mount some\ <tab>
 (okay)

# sudo mount some\ <tab>
    grep: Trailing backslash
    grep: Trailing backslash

# sudo mount some\ file<tab>
    (same result)

Anyway, that's just two examples, and I'm sure I've experienced others
with other commands.  Couldn't a more general approach to escaping be
used so that we don't have to fix these on a case-by-case basis?  

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.7-joehill-ethertap
Locale: LANG=en_US, LC_CTYPE=en_US

Versions of packages bash depends on:
ii  base-files                  3.0.16       Debian base system miscellaneous f
ii  libc6                       2.3.2.ds1-13 GNU C Library: Shared libraries an
ii  libncurses5                 5.4-4        Shared libraries for terminal hand
ii  passwd                      1:4.0.3-29   Change and administer password and

-- no debconf information
[signature.asc (application/pgp-signature, inline)]

Noted your statement that Bug has been forwarded to ian@caliban.org. Request was from Matthias Klose <doko@cs.tu-berlin.de> to control@bugs.debian.org. Full text and rfc822 format available.

Tags added: upstream Request was from Matthias Klose <doko@cs.tu-berlin.de> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Matthias Klose <doko@debian.org>:
Bug#259987; Package bash. Full text and rfc822 format available.

Acknowledgement sent to 259987@bugs.debian.org, ian@caliban.org:
Extra info received and forwarded to list. Copy sent to Matthias Klose <doko@debian.org>. Full text and rfc822 format available.

Message #14 received at 259987@bugs.debian.org (full text, mbox):

From: Matthias Klose <doko@cs.tu-berlin.de>
To: 259987@bugs.debian.org, ian@caliban.org
Subject: Re: several completions fail to handle filenames with spaces and other quoted characters
Date: Sun, 17 Oct 2004 16:44:49 +0200
the completion for mount works, it still fails for cdrecord.



Information forwarded to debian-bugs-dist@lists.debian.org, Matthias Klose <doko@debian.org>:
Bug#259987; Package bash. Full text and rfc822 format available.

Acknowledgement sent to Anthony DeRobertis <anthony@derobert.net>:
Extra info received and forwarded to list. Copy sent to Matthias Klose <doko@debian.org>. Full text and rfc822 format available.

Message #19 received at 259987@bugs.debian.org (full text, mbox):

From: Anthony DeRobertis <anthony@derobert.net>
To: control@bugs.debian.org,259987@bugs.debian.org
Subject: More of them, some quite dangerous
Date: Sat, 09 Apr 2005 17:33:21 -0400
severity 259987 important
tags 259987 +security
thanks

Here is an example:
$ touch "ddd&echo crap"
$ aspell check ddd<TAB>

This completes to:
$ aspell check ddd&echo crap 

The user expects tab-completion to safely escape file names, and thus it is
quite possible he won't notice it failed to, and thus execute an arbitan arbitrary command. Remember this could be burried deep inside a long file
name to make it much less likely for the user to notice.




Severity set to `important'. Request was from Anthony DeRobertis <anthony@derobert.net> to control@bugs.debian.org. Full text and rfc822 format available.

Tags added: security Request was from Anthony DeRobertis <anthony@derobert.net> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Matthias Klose <doko@debian.org>:
Bug#259987; Package bash. Full text and rfc822 format available.

Acknowledgement sent to Nathan Poznick <kraken@wang-fu.org>:
Extra info received and forwarded to list. Copy sent to Matthias Klose <doko@debian.org>. Full text and rfc822 format available.

Message #28 received at 259987@bugs.debian.org (full text, mbox):

From: Nathan Poznick <kraken@wang-fu.org>
To: 259987@bugs.debian.org
Subject: scp completion gets it partially correct
Date: Sun, 1 May 2005 13:05:29 -0500
[Message part 1 (text/plain, inline)]
Another example,

$ touch foo\'s
$ scp foo<TAB>

completes to
$ scp foo's

scp completion fails to escape the following characters properly:
`~!@$*=[]{}"'?


-- 
Nathan Poznick <kraken@wang-fu.org>

The penalty for laughing in a courtroom is six months in jail; if it
were not for this penalty, the jury would never hear the evidence.
- H.L. Mencken
[signature.asc (application/pgp-signature, inline)]

Bug reassigned from package `bash' to `bash-completion'. Request was from Luk Claes <luk@debian.org> to control@bugs.debian.org. (Sun, 02 Mar 2008 15:24:31 GMT) Full text and rfc822 format available.

Removed annotation that Bug had been forwarded to ian@caliban.org. Request was from David Paleino <d.paleino@gmail.com> to control@bugs.debian.org. (Sun, 11 May 2008 16:06:17 GMT) Full text and rfc822 format available.

Changed Bug title to `bash_completion does not properly quote characters' from `bash_completion: several completions fail to handle filenames with spaces and other quoted characters'. Request was from David Paleino <d.paleino@gmail.com> to control@bugs.debian.org. (Sun, 11 May 2008 16:06:18 GMT) Full text and rfc822 format available.

Bug marked as fixed in version 20080705. Request was from David Paleino <d.paleino@gmail.com> to control@bugs.debian.org. (Sat, 06 Sep 2008 20:06:08 GMT) Full text and rfc822 format available.

Reply sent to David Paleino <d.paleino@gmail.com>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Adam Kessel <ajkessel@debian.org>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #41 received at 259987-done@bugs.debian.org (full text, mbox):

From: David Paleino <d.paleino@gmail.com>
To: 259987-done@bugs.debian.org
Cc: Bash-Completion Developers <bash-completion-devel@lists.alioth.debian.org>, Adam Kessel <ajkessel@debian.org>, Matthias Klose <doko@cs.tu-berlin.de>, Anthony DeRobertis <anthony@derobert.net>, Nathan Poznick <kraken@wang-fu.org>
Subject: Re: bash_completion: several completions fail to handle filenames with spaces and other quoted character
Date: Sat, 6 Sep 2008 22:05:08 +0200
[Message part 1 (text/plain, inline)]
fixed 259987 20080705
thanks

Hello,
you've been CCed in this mail because you showed interest in bug #259987 [1] in
the Debian BTS, regarding bash-completion (it was in bash, at the time).

I'm sending you this mail because I'm closing the bug: I've just tried all the
cases described in the bugreport, and everything works fine (i.e. spaces, & and
' get correctly quoted, no matter what the command is) -- it seems like
somewhere in these years it has been fixed.

Please, if you happen to re-encounter this bug, feel free to reopen it, sending
a mail to control@bugs.debian.org with:


reopen 259987
thanks


Thanks for your attention,
David Paleino
Bash-Completion Developers.

[1] http://bugs.debian.org/259987

-- 
 . ''`.  Debian maintainer | http://wiki.debian.org/DavidPaleino
 : :'  : Linuxer #334216 --|-- http://www.hanskalabs.net/
 `. `'`  GPG: 1392B174 ----|---- http://snipr.com/qa_page
   `-   2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174
[signature.asc (application/pgp-signature, attachment)]

Bug reopened, originator not changed. Request was from Anthony DeRobertis <anthony@derobert.net> to control@bugs.debian.org. (Sat, 06 Sep 2008 23:54:05 GMT) Full text and rfc822 format available.

Information stored:
Bug#259987; Package bash-completion. Full text and rfc822 format available.

Acknowledgement sent to David Paleino <d.paleino@gmail.com>:
Extra info received and filed, but not forwarded. Full text and rfc822 format available.

Message #48 received at 259987-quiet@bugs.debian.org (full text, mbox):

From: David Paleino <d.paleino@gmail.com>
To: 259987-quiet@bugs.debian.org
Cc: Anthony DeRobertis <anthony@derobert.net>, Bash-Completion Developers <bash-completion-devel@lists.alioth.debian.org>
Subject: Re: [Bash-completion-devel] Processed: Re: bash_completion: several completions fail to handle filenames with spaces and other quoted character
Date: Sun, 7 Sep 2008 10:46:15 +0200
[Message part 1 (text/plain, inline)]
Hi Anthony,

On Sat, 06 Sep 2008 23:54:05 +0000, Debian Bug Tracking System wrote:

> Processing commands for control@bugs.debian.org:
> 
> > reopen 259987
> Bug#259987: bash_completion does not properly quote characters
> 'reopen' may be inappropriate when a bug has been closed with a version;
> you may need to use 'found' to remove fixed versions.
> Bug reopened, originator not changed.

Did you find this bug again?
Would you please test the attached bash_completion ? It's the current
development one, I suggest you to backup your old file before substituting with
this one.

Kindly,
David

-- 
 . ''`.  Debian maintainer | http://wiki.debian.org/DavidPaleino
 : :'  : Linuxer #334216 --|-- http://www.hanskalabs.net/
 `. `'`  GPG: 1392B174 ----|---- http://snipr.com/qa_page
   `-   2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174
[bash_completion.bz2 (application/x-bzip, attachment)]
[signature.asc (application/pgp-signature, attachment)]

Tags added: unreproducible Request was from David Paleino <d.paleino@gmail.com> to control@bugs.debian.org. (Fri, 09 Jan 2009 11:06:02 GMT) Full text and rfc822 format available.

Bug marked as fixed in version 200811xx~bzr1223. Request was from David Paleino <d.paleino@gmail.com> to control@bugs.debian.org. (Fri, 09 Jan 2009 11:06:02 GMT) Full text and rfc822 format available.

Reply sent to David Paleino <d.paleino@gmail.com>:
You have taken responsibility. (Fri, 09 Jan 2009 11:06:04 GMT) Full text and rfc822 format available.

Notification sent to Adam Kessel <ajkessel@debian.org>:
Bug acknowledged by developer. (Fri, 09 Jan 2009 11:06:04 GMT) Full text and rfc822 format available.

Message #57 received at 259987-done@bugs.debian.org (full text, mbox):

From: David Paleino <d.paleino@gmail.com>
To: 259987-done@bugs.debian.org
Cc: Debian Bugs Control <control@bugs.debian.org>
Subject: Bug not reproducible anymore
Date: Fri, 9 Jan 2009 12:04:15 +0100
[Message part 1 (text/plain, inline)]
tags 259987 unreproducible
fixed 259987 200811xx~bzr1223
thanks

Hello,
I'm closing this bug since I can't reproduce it anymore with the current
version in bzr (revision 1223).
Also, I pinged who reopened the bug in September, more than 4 months passed and
still no reply.

David

-- 
 . ''`.  Debian maintainer | http://wiki.debian.org/DavidPaleino
 : :'  : Linuxer #334216 --|-- http://www.hanskalabs.net/
 `. `'`  GPG: 1392B174 ----|---- http://snipr.com/qa_page
   `-   2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174
[signature.asc (application/pgp-signature, attachment)]

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 07 Feb 2009 07:30:37 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 23:29:13 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.