[PATCH] Use eval() to shell-parse $EDITOR for pass-edit
martin f. krafft
madduck at madduck.net
Mon Aug 12 07:21:23 CEST 2019
Enables shell-parsing of $EDITOR when executing its contents on
temporary files during `pass edit`.
Previously, trying to invoke e.g. vim with a set of commands, such as
```
vim -c 'set nostmp'
```
would result in `pass` calling
```
execve("/usr/bin/vim", ["vim", "-c", "'set", "nostmp'", "/dev/shm/pass.…"...], …
```
i.e. it would ignore quotes when splitting up the command line.
With this patch, the editor is properly called:
```
execve("/usr/bin/vim", ["vim", "-c", "set nostmp", "/dev/shm/pass.…"...], …
```
Signed-off-by: martin f. krafft <madduck at madduck.net>
---
src/password-store.sh | 2 +-
tests/t0201-edit-tests.sh | 17 +++++++++++++++++
2 files changed, 18 insertions(+), 1 deletion(-)
create mode 100755 tests/t0201-edit-tests.sh
diff --git a/src/password-store.sh b/src/password-store.sh
index 1d119f2..46425f9 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -497,7 +497,7 @@ cmd_edit() {
$GPG -d -o "$tmp_file" "${GPG_OPTS[@]}" "$passfile" || exit 1
action="Edit"
fi
- ${EDITOR:-vi} "$tmp_file"
+ eval ${EDITOR:-vi} "$tmp_file"
[[ -f $tmp_file ]] || die "New password not saved."
$GPG -d -o - "${GPG_OPTS[@]}" "$passfile" 2>/dev/null | diff - "$tmp_file" &>/dev/null && die "Password unchanged."
while ! $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}" "$tmp_file"; do
diff --git a/tests/t0201-edit-tests.sh b/tests/t0201-edit-tests.sh
new file mode 100755
index 0000000..8f32881
--- /dev/null
+++ b/tests/t0201-edit-tests.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+test_description='Test edit with spaces in $EDITOR'
+cd "$(dirname "$0")"
+. ./setup.sh
+
+test_expect_success 'Test shell-parsing of $EDITOR' '
+ "$PASS" init $KEY1 &&
+ "$PASS" generate cred1 90 &&
+ export PASSWORD_WITH_SPACE="Password with space" &&
+ export EDITOR="sed -i -e \"1s,^.*\$,$PASSWORD_WITH_SPACE,\"" &&
+ "$PASS" edit cred1 2> /tmp/cred1 &&
+ "$PASS" show cred1 > /tmp/cred1 &&
+ [[ $("$PASS" show cred1) == "$PASSWORD_WITH_SPACE" ]]
+'
+
+test_done
--
2.23.0.rc1
More information about the Password-Store
mailing list