Re: New patchfs script

["Andrew V. Samoilov" <sav bcs zp ua>]

Adam Byrtek 'alpha' wrote:
> On Wed, Dec 11, 2002 at 04:42:35PM +0200, Andrew V. Samoilov wrote:
>
> > I applied little patch for your patchfs to quote metacharacters in
>
>
> Agreed.
. . .
 >>-    copyout ($ARGV[2], $ARGV[3]);
 >>+    copyout ($ARGV[2], quotemeta ($ARGV[3]));
 >
 >
 > The second chunk is invalid.
 > $ARGV[3] is used only for 'open', and it doesn't need quoting:
 >
 > bash-2.05b$ perl -we 'open TMP, ">". quotemeta("Q|Q|\\|Q"); print TMP
 > "xxx\n"; close TMP'
 > bash-2.05b$ ls Q*
 > Q\|Q\|\\\|Q
 >

Yes, it was initial version of patch, CVS is ok.  Thanks for a catch.

> > Also I want to eliminate temporary file in copyout()
>
>
> It's necessary with this algorithm - you can't do 'seek' on a pipe.

Well, comment section can be stored in the array, so seek will be
eliminated.

> The temporary file is created in a safe way, so this should not be a
> security issue. BTW I guess we can create the file before doing '>' to
> avoid symlink attack (quite improbable, tmp file name is random).

It is not security issue but resource.  Kernel patches can be 20 Mb
unarchived.

> > and teach patchfs to understand context diffs (diff -c).
> > Another good change should be to use +++ filename for newly created
> > files (--- /dev/null).
>
>
> It would be nice. Should I try to work on this issues or do you want
> to do this yourself?

You are author, so you are preffered.

--
Regards,
Andrew V. Samoilov