Re: [PATCH] ob-maxima.el: Fix execution on MS Windows

emacs-orgmode@gnu.org archives
 help / color / mirror / code / Atom feed

From: Max Nikulin <manikulin@gmail.com>
To: emacs-orgmode@gnu.org
Subject: Re: [PATCH] ob-maxima.el: Fix execution on MS Windows
Date: Thu, 30 Dec 2021 23:33:58 +0700	[thread overview]
Message-ID: <sqkn1p$l8c$1@ciao.gmane.io> (raw)
In-Reply-To: <53a33993-2e62-2600-ee28-7c3d886de678@gmail.com>

On 30/12/2021 01:37, Nikolay Kudryavtsev wrote:
> If your temporary-file-directory is something like "/tmp/apostrophe'", 
> it would not work currently either. So apostrophe is a very special case 
> here.
> 
> As for possible evaluation within the double quotes, while this is 
> theoretically possible, user sort of has to go out of his way to trigger 
> it, so the question is whether we should introduce any platform-specific 
> code to mitigate such an obscure case? Then we are also limited by 
> Maxima itself since it has to be able to read that path too and it's 
> very picky when it comes to file paths.

I am not a committer, so it is up to the maintainers to decide if your 
patch is suitable. My intention is to draw attention to the issue, 
however they may tolerate it.

I have not experimented with remote execution of babel code blocks using 
tramp, so I may be unaware of some specific, e.g. execution using ssh 
almost certainly assumes shell command and interface with list of 
arguments may not be available.

When some external data is substituted into a Maxima command (batchload 
this case) there should be an extra pass of escaping that protects 
special characters like quotes (and backslashes?) accordingly to Maxima 
rules.

I expect that %S formatter does a trick by adding quotes around the 
string argument and adding backslashes before quote characters and 
backslashes inside. I suspect that quotes your added around %S must not 
be used there. Due to them file name appears outside of quotes at all. 
This error is hidden unless at least a space character presents in 
temporary directory path.

Unsure concerning Maxima but usually it is possible to pass arguments 
avoiding quoting issues for particular language. A couple of examples 
with inline code snippets

emacs -Q --batch --eval '(message "bl(%S)$" (car argv))' 'a"b\c.txt'
sh -c 'printf "bl(%s)\$\n" "$1"' 'sh' 'a"bc\d.txt'

Maybe there is a way to pass file name as a separate argument (without 
combining it with command) to Maxima as well.

In my opinion, platform-specific code should be avoided when possible. 
Even `shell-quote-argument' may be better. I would prefer e.g. 
`call-process' from info "(elisp) Synchronous Processes" 
https://www.gnu.org/software/emacs/manual/html_node/elisp/Synchronous-Processes.html 
, but I am realizing that it may require more changes in babel or even 
to cause problems with tramp.

Double quotes open issues with injection of commands in backticks `rm 
something`, $variable expansion and other constructs. I hope, 
`shell-quote-argument' is reliable enough.

P.S.
https://xkcd.com/327/ Exploits of a Mom

next prev parent reply	other threads:[~2021-12-30 16:35 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-12-26 20:18 [PATCH] ob-maxima.el: Fix execution on MS Windows Nikolay Kudryavtsev
2021-12-29 17:05 ` Max Nikulin
2021-12-29 18:37   ` Nikolay Kudryavtsev
2021-12-30 16:33     ` Max Nikulin [this message]
2021-12-30 20:54       ` Nikolay Kudryavtsev
2022-01-11 13:55         ` Max Nikulin
2022-10-29  6:08         ` Ihor Radchenko
2022-11-02 11:49           ` Nikolay Kudryavtsev

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://www.orgmode.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='sqkn1p$l8c$1@ciao.gmane.io' \
    --to=manikulin@gmail.com \
    --cc=emacs-orgmode@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).