mirror of
https://github.com/tests-always-included/mo.git
synced 2024-12-18 16:27:52 +00:00
Making a bit more safe and disabling an eval by default
This commit is contained in:
parent
a5ec7dd740
commit
f20e4ae83a
@ -115,6 +115,8 @@ The result? You get a list of the five elements in the array. It is vital that
|
||||
|
||||
There are more scripts available in the [demos directory](demo/) that could help illustrate how you would use this program.
|
||||
|
||||
There are additional features that the program supports. Try using `mo --help` to see what is available.
|
||||
|
||||
|
||||
Concessions
|
||||
-----------
|
||||
|
24
mo
24
mo
@ -29,6 +29,10 @@
|
||||
# Public: Template parser function. Writes templates to stdout.
|
||||
#
|
||||
# $0 - Name of the mo file, used for getting the help message.
|
||||
# --allow-function-arguments
|
||||
# - Permit functions in templates to be called with additional
|
||||
# arguments. This puts template data directly in to the path
|
||||
# of an eval statement. Use with caution.
|
||||
# --fail-not-set - Fail upon expansion of an unset variable. Default behavior
|
||||
# is to silently ignore and expand into empty string.
|
||||
# --false - Treat "false" as an empty value. You may set the
|
||||
@ -43,6 +47,12 @@
|
||||
#
|
||||
# Mo uses the following environment variables:
|
||||
#
|
||||
# MO_ALLOW_FUNCTION_ARGUMENTS
|
||||
# - When set to a non-empty value, this allows functions
|
||||
# referenced in templates to receive additional
|
||||
# options and arguments. This puts the content from the
|
||||
# template directly into an eval statement. Use with
|
||||
# extreme care.
|
||||
# MO_FAIL_ON_UNSET - When set to a non-empty value, expansion of an unset
|
||||
# env variable will be aborted with an error.
|
||||
# MO_FALSE_IS_EMPTY - When set to a non-empty value, the string "false"
|
||||
@ -74,6 +84,11 @@ mo() (
|
||||
exit 0
|
||||
;;
|
||||
|
||||
--allow-function-arguments)
|
||||
# shellcheck disable=SC2030
|
||||
MO_ALLOW_FUNCTION_ARGUMENTS=true
|
||||
;;
|
||||
|
||||
--fail-not-set)
|
||||
# shellcheck disable=SC2030
|
||||
MO_FAIL_ON_UNSET=true
|
||||
@ -128,8 +143,13 @@ mo() (
|
||||
moCallFunction() {
|
||||
local moCommand
|
||||
|
||||
printf -v moCommand "%q %q %s" "$1" "$2" "$3"
|
||||
eval "$moCommand"
|
||||
# shellcheck disable=SC2031
|
||||
if [[ -n "$MO_ALLOW_FUNCTION_ARGUMENTS" ]]; then
|
||||
printf -v moCommand "%q %q %s" "$1" "$2" "$3"
|
||||
eval "$moCommand"
|
||||
else
|
||||
"$1" "$2"
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user