karl williamson <perlbug-followup <at> perl.org> writes: >my @b = glob(qq{$path/mp_[0123456789]*.dat > $path/md_[0123456789]*.dat}); > >from https://rt.perl.org/Ticket/Display.html?id=114984 (and now in >ext/File-Glob/t/rt114984.t) now work fine on Linux unless it is compiled >with -DPERL_EXTERNAL_GLOB. In that case, a shell is run instead of F:G, >and the shell thinks the 2nd line is a shell command instead of part of >what to glob. That sounds like a bug in the PERL_EXTERNAL_GLOB case. Having your glob kick off a random shell command cannot be the intended behaviour. I suggest that PERL_EXTERNAL_GLOB should convert \n to space or otherwise sanitize the glob pattern slightly before invoking the shell. (It may never be possible to completely make the shell invocation safe while keeping compatibility with the current behaviour, but certainly this case can be fixed.) >I am not conversant in all the nuances of what bsd vs csh vs other >shells accept, but I believe this means that F:G is not an accurate >reproducer of what most shells would do with this, and I think it is >meant to be. Well... not in that way IMHO. It should provide the same kind of glob expansion as shells do. It doesn't and shouldn't try to reimplement all the interesting quoting bugs and code injection bugs that running an external shell is prone to. (To do that it would indeed need to fork a shell and see what happens, and then there would be no point having F::G.) -- Ed Avis <eda@waniasset.com>Thread Previous | Thread Next