commit fdcd723e538295242d818e509810c09ac1e36c06
from: Alexander Arch <aa@manpager.org>
via: Alex Arx <aa@manpager.org>
date: Fri Nov 15 13:50:01 2024 UTC

handle files and recipients with shell metacharacters

commit - a6d27c97726730bb73f1e2946344ecb492fbe372
commit + fdcd723e538295242d818e509810c09ac1e36c06
blob - c95c07fdb6d7b6b12a1b987af32066b6d00ded5a
blob + 829de715dee4f5a22a53bd7084db0584d96b98bf
--- gpm
+++ gpm
@@ -26,15 +26,20 @@ sub usage {
 "       gpm [-d dir] ls\n";
 }
 
+# shellquote: return string suitable for using as an argument for sh
+sub shellquote {
+	my ($s) = @_;
+	$s =~ s/'/'\\''/g;
+	return "'" . $s . "'";
+}
+
 # getrecipient: return string to be used with gpg's -r option.
 #
 # Past versions of gpm (written in shell) required explicit recipient, set by
 # option -r, or the GPM_RECIPIENT environment variable. This is completely
 # unnecessary now, due to GPM_GPG and -g, but legacy syntax is still maintained.
 sub getrecipient {
-	my $r = $opt_r;
-	defined $r or $r = $ENV{GPM_RECIPIENT};
-	return $r;
+	return shellquote($opt_r // $ENV{GPM_RECIPIENT});
 }
 
 # ckpath $path
@@ -177,7 +182,7 @@ sub get {
 	$#ARGV >= 0 or usage;
 	my $file = $ARGV[0];
 	ckpath $file or die "bad path $file\n";
-	$file = cklegacy $file;
+	$file = shellquote(cklegacy $file);
 	my $out = `$gpg -d $file`;
 	$? == 0 or exit 1;
 	return $out;