26 Aug
2014
26 Aug
'14
3:11 p.m.
On Tue, 26 Aug 2014 at 14:52:10, Dave Reisner wrote:
[...] Again with the lack of quoting...
<(printf "$PWD/%s\n" *.pkg.tar?(.+([^.])) | pacsort --files |
I'm somewhat concerned about this because we're injecting a path into the format string (yes, we've done this elsewhere and it's equally concerning). Since it's pre-existing, we can probably ignore this bug for now. Could you leave a TODO to address it, though? It's probably sufficient to just escape % and \ chars in $PWD, but it needs testing. [...]
I did not look at the code but can't you use something like pkgs=(*.pkg.tar?(.+([^.]))) printf "%s\n" ${file[@]/#/$PWD/} | pacsort --files | [...] ...?