From f20e4ae83a1c6719d40c8d69d390cd8f6c781123 Mon Sep 17 00:00:00 2001
From: Tyler Akins <fidian@rumkin.com>
Date: Fri, 3 Nov 2017 16:45:51 -0500
Subject: [PATCH] Making a bit more safe and disabling an eval by default

---
 README.md |  2 ++
 mo        | 24 ++++++++++++++++++++++--
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 69410f0..ce5aa13 100644
--- a/README.md
+++ b/README.md
@@ -115,6 +115,8 @@ The result?  You get a list of the five elements in the array.  It is vital that
 
 There are more scripts available in the [demos directory](demo/) that could help illustrate how you would use this program.
 
+There are additional features that the program supports. Try using `mo --help` to see what is available.
+
 
 Concessions
 -----------
diff --git a/mo b/mo
index 51b3498..cfbf56f 100755
--- a/mo
+++ b/mo
@@ -29,6 +29,10 @@
 # Public: Template parser function.  Writes templates to stdout.
 #
 # $0             - Name of the mo file, used for getting the help message.
+# --allow-function-arguments
+#                - Permit functions in templates to be called with additional
+#                  arguments. This puts template data directly in to the path
+#                  of an eval statement. Use with caution.
 # --fail-not-set - Fail upon expansion of an unset variable.  Default behavior
 #                  is to silently ignore and expand into empty string.
 # --false        - Treat "false" as an empty value.  You may set the
@@ -43,6 +47,12 @@
 #
 # Mo uses the following environment variables:
 #
+# MO_ALLOW_FUNCTION_ARGUMENTS
+#                     - When set to a non-empty value, this allows functions
+#                       referenced in templates to receive additional
+#                       options and arguments. This puts the content from the
+#                       template directly into an eval statement. Use with
+#                       extreme care.
 # MO_FAIL_ON_UNSET    - When set to a non-empty value, expansion of an unset
 #                       env variable will be aborted with an error.
 # MO_FALSE_IS_EMPTY   - When set to a non-empty value, the string "false"
@@ -74,6 +84,11 @@ mo() (
                         exit 0
                         ;;
 
+                    --allow-function-arguments)
+                        # shellcheck disable=SC2030
+                        MO_ALLOW_FUNCTION_ARGUMENTS=true
+                        ;;
+
                     --fail-not-set)
                         # shellcheck disable=SC2030
                         MO_FAIL_ON_UNSET=true
@@ -128,8 +143,13 @@ mo() (
 moCallFunction() {
     local moCommand
 
-    printf -v moCommand "%q %q %s" "$1" "$2" "$3"
-    eval "$moCommand"
+    # shellcheck disable=SC2031
+    if [[ -n "$MO_ALLOW_FUNCTION_ARGUMENTS" ]]; then
+        printf -v moCommand "%q %q %s" "$1" "$2" "$3"
+        eval "$moCommand"
+    else
+        "$1" "$2"
+    fi
 }