[1076] quoting bugs (how to test?)

Eric Wilhelm scratchcomputing at gmail.com
Mon May 26 21:57:15 UTC 2008 

# from ewilhelm at hexten.net
# on Monday 26 May 2008:

>lib/TAP/Parser/Source/Perl.pm - qq["$file"] is probably almost always
> wrong

So, quoting filenames or switches for anything besides VMS is almost 
always going to be wrong if we're using list context to preserve the 
atomicity of arguments and avoid shell interpolation.

  http://rt.cpan.org/Ticket/Display.html?id=33406

In TAP::Parser::Source::Perl, I commented-out the quoting in 
_get_command_for_switches() [A1:=line173], and I suspect that the 
quoting in _switches() [A2:=line263] is incorrect.

Further, I suspect that neither of the qq["$foo"] quotings in Perl.pm 
(at points [A1] and [A2]) is actually necessary because everything 
(IIUC) ends up in the new() method of TAP::Parser::Iterator::Process 
where we either [B1:=line136] call open3() with a list or [B2:=line156] 
perform qq{"$_"} if we're forced to use the 2-arg form of open (for 
compatibility sake.)

I suspect we want to eliminate the quotings at [A] because they are 
going to be in the way at [B1] or redundant at [B2].  IIRC, case [B2] 
(the "Open3 won't work" case) is win32 specific, and that point 
probably wants to quote and escape *anything* that the shell might 
grab, and case [B1] should probably have some IS_VMS treatment.

The goal would be to get the number of locations where quotes are added 
down to a minimum (and very tightly scoped) because once quotes are 
added, everything gets ambiguous:  it is impossible to distinquish from 
a string which happens to contain quotes.

Unfortunately, I don't seem to be able to understand the test suite well 
enough to find a good spot for any of this.  At present, it appears 
that we have zero test coverage for points [A1] or [A2].

A1. filename (or path) with spaces.
  Because we can't ship a filename which contains spaces, we need to 
create it on-the-fly.  Needs to be tested on VMS, Win32, and $sane_os.

A2. switches with spaces (e.g. "-Mfoo=bar baz")
  This code quotes any switches on VMS (required) and any switches 
containing spaces on non-VMS (I suspect that testing a switch with a 
space will reveal that quoting should only be done on VMS, but in both 
cases the quoting should simply be deferred until point [B].)

I would happily add said test coverage, but I suspect it would take me 
several hours to write the few lines of code involved.

--Eric
-- 
hobgoblin n 1: (folklore) a small grotesque supernatural creature that
          makes trouble for human beings
---------------------------------------------------
    http://scratchcomputing.com
---------------------------------------------------

More information about the tapx-dev mailing list