[RndTbl] shell quoting inside $( )?
Trevor Cordes
trevor at tecnopolis.ca
Sun Feb 26 20:23:08 CST 2023
I can't see any way to "bifurcate output" in bash without using tee.
I'm pretty sure zsh (and probably fish) can do it, but not sure of
the syntax there either:
$ eval $((openssl x509 -noout -text -in /etc/pki/tls/certs/tecnopolis.ca.crt | tee >(echo -n EXPD="'"`date -d"$(sed -n 's/^.*Not After : //p')" +%Y%b%d`"'" ) >(echo SUBJ="'"`sed -n 's/^.*Subject: .*CN = //p'`"'" ) 1>&2 ) 2>/dev/null)
$ echo $SUBJ tecnopolis.ca
$ echo $EXPD 2024Feb22
If you can figure out a way to get the vars out of the subshell and
into 2 different vars without using the eval $() then you're probably
better off. Even though I protect the tainted inputs with '', someone
could possibly plant a ' in the SUBJ and thus this is a sec hole.
Of course you could eliminate the eval and assign to a var and then
run a 2nd command to split them into SUBJ and EXPD, but I was going
for a oneliner. (Get rid of the "'" adders then.)
I'm going to toy with the idea of using {} subshells which might
allow elimination of the eval.
Of course this would be much cleaner in a perl oneliner... and if
you're already bringing in sed, how much worse is perl?
More information about the Roundtable
mailing list