Make use of the new PCRE2 escaping feature

Fixes some potentially unsafe uses of direct substitution into regex
expressions and also switches some completions to regex-based now that
there is a safe way of using it.
This commit is contained in:
Mahmoud Al-Qudsi 2018-11-15 12:37:29 -06:00
parent 680040d17d
commit ab0f1d33fe
5 changed files with 8 additions and 10 deletions

View file

@ -16,11 +16,8 @@ function __fish_apt_option
complete -f -c apt -n "__fish_seen_subcommand_from $subcommand" $argv complete -f -c apt -n "__fish_seen_subcommand_from $subcommand" $argv
end end
#using -r and not -e as string match -e is broken, this will cause problems complete -c apt -n "__fish_seen_subcommand_from $pkg_subcmds" -a '(__fish_print_packages | head -n 250)'
#if the commandline contains special characters, but most package names do complete -c apt -n "__fish_seen_subcommand_from $installed_pkg_subcmds" -a '(__fish_print_packages --installed | string match -re -- "(?:\\b|_)"(commandline -ct | string escape --style=pcre2) | head -n 250)' -d 'Package'
#not contain special characters. Can switch to -e after #4971 is fixed.
complete -c apt -n "__fish_seen_subcommand_from $pkg_subcmds" -a '(__fish_print_packages | head -n 100)'
complete -c apt -n "__fish_seen_subcommand_from $installed_pkg_subcmds" -a '(__fish_print_packages --installed | string match -r -- ".*"(commandline -ct)".*" | head -n 100)' -d 'Package'
# Support flags # Support flags
complete -x -f -c apt -s h -l help -d 'Display help' complete -x -f -c apt -s h -l help -d 'Display help'

View file

@ -26,7 +26,7 @@ end
function __minikube_using_option function __minikube_using_option
set cmd (commandline -poc) set cmd (commandline -poc)
set query "("(string join -- "|" $argv)")" set query "("(string join -- "|" (string escape --style=pcre2 $argv))")"
if test (count $cmd) -gt 1 if test (count $cmd) -gt 1
if string match -qr -- $query $cmd[-1] if string match -qr -- $query $cmd[-1]
@ -40,7 +40,7 @@ function __minikube_using_option_value -a option -a value
set cmd (commandline -poc) set cmd (commandline -poc)
if test (count $cmd) -gt 1 if test (count $cmd) -gt 1
string match -qr -- $option"[= ]"$value "$cmd" string match -qr -- (string escape --style=pcre2 $option)"[= ]"(string escape --style=pcre2 $value) "$cmd"
return $status return $status
end end

View file

@ -20,7 +20,8 @@ function __fish_complete_screen_general_list_mac -d "Get the socket list on mac"
end end
function __fish_complete_screen_general_list -d "Get the socket list" function __fish_complete_screen_general_list -d "Get the socket list"
screen -list | string match -r '^\t.*\(.*\)\s*\('$argv'\)\s*$'| string replace -r '\t(.*)\s+\((.*)\)\s*\((.*)\)' '$1\t$2 $3' set -l escaped (string escape --style=pcre2 $argv)
screen -list | string match -r '^\t.*\(.*\)\s*\('$escaped'\)\s*$'| string replace -r '\t(.*)\s+\((.*)\)\s*\((.*)\)' '$1\t$2 $3'
end end
function __fish_complete_screen_detached -d "Print a list of detached screen sessions" function __fish_complete_screen_detached -d "Print a list of detached screen sessions"

View file

@ -23,7 +23,7 @@ function __yarn_filtered_list_packages
return return
end end
all-the-package-names | string match -e -- (commandline -ct) all-the-package-names | string match -er -- "(?:\\b|_)"(commandline -ct | string escape --style=pcre2)
end end
function __yarn_find_package_json function __yarn_find_package_json

View file

@ -8,7 +8,7 @@ function __fish_whatis
end end
set -l description (whatis $cmd 2>/dev/null | string replace -r '.*? - ' '')[1] set -l description (whatis $cmd 2>/dev/null | string replace -r '.*? - ' '')[1]
if not string match -qr -- "$description" "." if not string match -qr -- "." "$description"
printf '%s\n' $description printf '%s\n' $description
return 0 return 0
else if not string match -q -- "$fallback" "" else if not string match -q -- "$fallback" ""