[stdlib-sig] quoting arguments for command-line evaluation
Paul Moore
p.f.moore at gmail.com
Tue May 25 23:54:18 CEST 2010
On 25 May 2010 13:22, Eric Smith <eric at trueblade.com> wrote:
> Keep in mind that these routines typically only work on Unix-like systems,
> where the shell has a set of well defined rules for quoting and parsing. On
> Windows, each executable is in charge of parsing its own parameters from a
> string. This is usually (but certainly not always) done by the C runtime
> startup. But different runtimes have different rules. Sadly, you sometimes
> have to know which executable you're calling before you can know how to
> escape its arguments.
However, on Windows the rules used by the C runtime are a pretty good
baseline to work to. That's what subprocess does, and it's a good
practical solution. It's not perfect, but practicality beats purity
and all that....
After all, there are many different shells on Unix, and I suspect an
expert could come up with a suitably nasty set of corner cases where
they are inconsistent. But frankly, it doesn't matter. It matters
somewhat more on Windows, but that's more because the "standard" rules
aren't very user-friendly than because you'll get a lot of breakage.
I'd say that this is a classic case where a library encapsulating
cross-platform differences [1] is extremely useful. If the stdlib
contained a cross-platform shell-quoting module, I'm pretty sure it
could replace a big chunk of adhoc application code.
Paul.
[1] At the OS call level, Unix works with an array of arguments, where
Windows works with a command line. No cross-platform library can
completely hide such a basic distinction. But again, practicality
beats purity...
More information about the stdlib-sig
mailing list