Bug 741180 - pki-silent does not properly escape command-line arguments
Summary: pki-silent does not properly escape command-line arguments
Keywords:
Status: CLOSED EOL
Alias: None
Product: Dogtag Certificate System
Classification: Retired
Component: Installation Wizard
Version: 9.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Ade Lee
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks: 530474 769388
TreeView+ depends on / blocked
 
Reported: 2011-09-26 07:25 UTC by Jan Cholasta
Modified: 2020-03-27 18:37 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 769388 (view as bug list)
Environment:
Last Closed: 2020-03-27 18:37:19 UTC
Embargoed:

Attachments (Terms of Use)

Description Jan Cholasta 2011-09-26 07:25:39 UTC 
Description of problem:
When you run pkisilent like this:

    pkisilent ... -some_option "ugly ' value" ...

the resulting java invocation will be:

    java ... -some_option ugly ' value ...

instead of:

    java ... -some_option "ugly ' value" ...

which is obviously very wrong.

Version-Release number of selected component (if applicable):
pki-silent-9.0.14-1.20110922T0903z.fc15.noarch
pki-ca-9.0.14-1.20110922T0903z.fc15.noarch

How reproducible:
Always.

Steps to Reproduce:
1. Run pkisilent and use a space, quote or any other shell special character in any of its arguments.

Actual results:
pkisilent does not escape the command-line arguments, strange errors occur.

Expected results:
pkisilent should escape all the command-line arguments before using them in shell.

Additional info:
Note You need to log in before you can comment on or make changes to this bug.