<!DOCTYPE html>
<html><head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type"/>
<meta charset="utf-8"/>
<meta content="width=device-width, initial-scale=1.0, user-scalable=yes" name="viewport"/>
<title>HTML E-Mail</title>
</head><body class="email">
<p>Hello,</p>
<p>Wondering if there's anything I can do to further facilitate·<br/>
acceptance of this patch I sent 3 months ago?</p>
<p>Thank you,<br/>
martin</p>
<p>----- Forwarded message from "martin f. krafft" <a class="email" href="mailto:madduck@madduck.net">madduck@madduck.net</a> -----</p>
<p>Date: Mon, 12 Aug 2019 17:21:23 +1200<br/>
From: "martin f. krafft" <a class="email" href="mailto:madduck@madduck.net">madduck@madduck.net</a><br/>
To: <a class="email" href="mailto:password-store@lists.zx2c4.com">password-store@lists.zx2c4.com</a><br/>
Cc: "martin f. krafft" <a class="email" href="mailto:madduck@madduck.net">madduck@madduck.net</a><br/>
Subject: [PATCH] Use eval() to shell-parse $EDITOR for<br/>
pass-edit<br/>
Message-Id: <a class="email" href="mailto:20190812052123.21737-1-madduck@madduck.net">20190812052123.21737-1-madduck@madduck.net</a><br/>
X-Spam: no (crm114:16.49 SA:-102.1)<br/>
X-Justme: from machine in my domain</p>
<p>Enables shell-parsing of $EDITOR when executing its contents on<br/>
temporary files during <code>pass edit</code>.</p>
<p>Previously, trying to invoke e.g. vim with a set of commands, such as</p>
<pre><code>vim -c 'set nostmp' </code></pre>
<p>would result in <code>pass</code> calling</p>
<pre><code>execve("/usr/bin/vim", ["vim", "-c", "'set", "nostmp'", "/dev/shm/pass.…"...], … </code></pre>
<p>i.e. it would ignore quotes when splitting up the command line.</p>
<p>With this patch, the editor is properly called:</p>
<pre><code>execve("/usr/bin/vim", ["vim", "-c", "set nostmp", "/dev/shm/pass.…"...], … </code></pre>
<h2 id="signed-off-by-martin-f.-krafft-madduckmadduck.net">Signed-off-by: martin f. krafft <a class="email" href="mailto:madduck@madduck.net">madduck@madduck.net</a></h2>
<p>src/password-store.sh | 2 +-<br/>
tests/t0201-edit-tests.sh | 17 +++++++++++++++++<br/>
2 files changed, 18 insertions(+), 1 deletion(-)<br/>
create mode 100755 tests/t0201-edit-tests.sh</p>
<p>diff --git a/src/password-store.sh b/src/password-store.sh<br/>
index 1d119f2..46425f9 100755<br/>
--- a/src/password-store.sh<br/>
+++ b/src/password-store.sh<br/>
@@ -497,7 +497,7 @@ cmd_edit() {<br/>
$GPG -d -o "$tmp_file" "${GPG_OPTS[@]}" "$passfile" || exit 1<br/>
action="Edit"<br/>
fi<br/>
- ${EDITOR:-vi} "$tmp_file"<br/>
+ eval ${EDITOR:-vi} "$tmp_file"<br/>
[[ -f $tmp_file ]] || die "New password not saved."<br/>
$GPG -d -o - "${GPG_OPTS[@]}" "$passfile" 2>/dev/null | diff - "$tmp_file" &>/dev/null && die "Password unchanged."<br/>
while ! $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}" "$tmp_file"; do<br/>
diff --git a/tests/t0201-edit-tests.sh b/tests/t0201-edit-tests.sh<br/>
new file mode 100755<br/>
index 0000000..8f32881<br/>
--- /dev/null<br/>
+++ b/tests/t0201-edit-tests.sh<br/>
@@ -0,0 +1,17 @@<br/>
+#!/usr/bin/env bash<br/>
+ +test_description='Test edit with spaces in $EDITOR'<br/>
+cd "$(dirname "$0")"<br/>
+. ./setup.sh<br/>
+ +test_expect_success 'Test shell-parsing of $EDITOR' '<br/>
+ "$PASS" init $KEY1 &&<br/>
+ "$PASS" generate cred1 90 &&<br/>
+ export PASSWORD_WITH_SPACE="Password with space" &&<br/>
+ export EDITOR="sed -i -e "1s,^.*$,$PASSWORD_WITH_SPACE,"" &&<br/>
+ "$PASS" edit cred1 2> /tmp/cred1 &&<br/>
+ "$PASS" show cred1 > /tmp/cred1 &&<br/>
+ [[ $("$PASS" show cred1) == "$PASSWORD_WITH_SPACE" ]]<br/>
+'<br/>
+ +test_done</p>
<div class="signature" style="color: #999; font-family: monospace; white-space: pre; margin: 1em 0 0 0; font-size: 80%"><span class="leader">-- </span><br/>@martinkrafft | https://riot.im/app/#/room/#madduck:madduck.net <br/> <br/>"when a gentoo admin tells me that the KISS principle is good for <br/> 'busy sysadmins', and that it's not an evolutionary step backwards, <br/> i wonder whether their tape is already running backwards." <br/> <br/>spamtraps: madduck.bogus@madduck.net</div>
</body></html>