[thirdparty/systemd.git] / src / basic / escape.c

/* SPDX-License-Identifier: LGPL-2.1+ */
/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering
***/

#include <errno.h>
#include <stdlib.h>
#include <string.h>

#include "alloc-util.h"
#include "escape.h"
#include "hexdecoct.h"
#include "macro.h"
#include "utf8.h"

size_t cescape_char(char c, char *buf) {
        char * buf_old = buf;

        switch (c) {

                case '\a':
                        *(buf++) = '\\';
                        *(buf++) = 'a';
                        break;
                case '\b':
                        *(buf++) = '\\';
                        *(buf++) = 'b';
                        break;
                case '\f':
                        *(buf++) = '\\';
                        *(buf++) = 'f';
                        break;
                case '\n':
                        *(buf++) = '\\';
                        *(buf++) = 'n';
                        break;
                case '\r':
                        *(buf++) = '\\';
                        *(buf++) = 'r';
                        break;
                case '\t':
                        *(buf++) = '\\';
                        *(buf++) = 't';
                        break;
                case '\v':
                        *(buf++) = '\\';
                        *(buf++) = 'v';
                        break;
                case '\\':
                        *(buf++) = '\\';
                        *(buf++) = '\\';
                        break;
                case '"':
                        *(buf++) = '\\';
                        *(buf++) = '"';
                        break;
                case '\'':
                        *(buf++) = '\\';
                        *(buf++) = '\'';
                        break;

                default:
                        /* For special chars we prefer octal over
                         * hexadecimal encoding, simply because glib's
                         * g_strescape() does the same */
                        if ((c < ' ') || (c >= 127)) {
                                *(buf++) = '\\';
                                *(buf++) = octchar((unsigned char) c >> 6);
                                *(buf++) = octchar((unsigned char) c >> 3);
                                *(buf++) = octchar((unsigned char) c);
                        } else
                                *(buf++) = c;
                        break;
        }

        return buf - buf_old;
}

char *cescape_length(const char *s, size_t n) {
        const char *f;
        char *r, *t;

        assert(s || n == 0);

        /* Does C style string escaping. May be reversed with
         * cunescape(). */

        r = new(char, n*4 + 1);
        if (!r)
                return NULL;

        for (f = s, t = r; f < s + n; f++)
                t += cescape_char(*f, t);

        *t = 0;

        return r;
}

char *cescape(const char *s) {
        assert(s);

        return cescape_length(s, strlen(s));
}

int cunescape_one(const char *p, size_t length, char32_t *ret, bool *eight_bit) {
        int r = 1;

        assert(p);
        assert(*p);
        assert(ret);

        /* Unescapes C style. Returns the unescaped character in ret.
         * Sets *eight_bit to true if the escaped sequence either fits in
         * one byte in UTF-8 or is a non-unicode literal byte and should
         * instead be copied directly.
         */

        if (length != (size_t) -1 && length < 1)
                return -EINVAL;

        switch (p[0]) {

        case 'a':
                *ret = '\a';
                break;
        case 'b':
                *ret = '\b';
                break;
        case 'f':
                *ret = '\f';
                break;
        case 'n':
                *ret = '\n';
                break;
        case 'r':
                *ret = '\r';
                break;
        case 't':
                *ret = '\t';
                break;
        case 'v':
                *ret = '\v';
                break;
        case '\\':
                *ret = '\\';
                break;
        case '"':
                *ret = '"';
                break;
        case '\'':
                *ret = '\'';
                break;

        case 's':
                /* This is an extension of the XDG syntax files */
                *ret = ' ';
                break;

        case 'x': {
                /* hexadecimal encoding */
                int a, b;

                if (length != (size_t) -1 && length < 3)
                        return -EINVAL;

                a = unhexchar(p[1]);
                if (a < 0)
                        return -EINVAL;

                b = unhexchar(p[2]);
                if (b < 0)
                        return -EINVAL;

                /* Don't allow NUL bytes */
                if (a == 0 && b == 0)
                        return -EINVAL;

                *ret = (a << 4U) | b;
                *eight_bit = true;
                r = 3;
                break;
        }

        case 'u': {
                /* C++11 style 16bit unicode */

                int a[4];
                unsigned i;
                uint32_t c;

                if (length != (size_t) -1 && length < 5)
                        return -EINVAL;

                for (i = 0; i < 4; i++) {
                        a[i] = unhexchar(p[1 + i]);
                        if (a[i] < 0)
                                return a[i];
                }

                c = ((uint32_t) a[0] << 12U) | ((uint32_t) a[1] << 8U) | ((uint32_t) a[2] << 4U) | (uint32_t) a[3];

                /* Don't allow 0 chars */
                if (c == 0)
                        return -EINVAL;

                *ret = c;
                r = 5;
                break;
        }

        case 'U': {
                /* C++11 style 32bit unicode */

                int a[8];
                unsigned i;
                char32_t c;

                if (length != (size_t) -1 && length < 9)
                        return -EINVAL;

                for (i = 0; i < 8; i++) {
                        a[i] = unhexchar(p[1 + i]);
                        if (a[i] < 0)
                                return a[i];
                }

                c = ((uint32_t) a[0] << 28U) | ((uint32_t) a[1] << 24U) | ((uint32_t) a[2] << 20U) | ((uint32_t) a[3] << 16U) |
                    ((uint32_t) a[4] << 12U) | ((uint32_t) a[5] <<  8U) | ((uint32_t) a[6] <<  4U) |  (uint32_t) a[7];

                /* Don't allow 0 chars */
                if (c == 0)
                        return -EINVAL;

                /* Don't allow invalid code points */
                if (!unichar_is_valid(c))
                        return -EINVAL;

                *ret = c;
                r = 9;
                break;
        }

        case '0':
        case '1':
        case '2':
        case '3':
        case '4':
        case '5':
        case '6':
        case '7': {
                /* octal encoding */
                int a, b, c;
                char32_t m;

                if (length != (size_t) -1 && length < 3)
                        return -EINVAL;

                a = unoctchar(p[0]);
                if (a < 0)
                        return -EINVAL;

                b = unoctchar(p[1]);
                if (b < 0)
                        return -EINVAL;

                c = unoctchar(p[2]);
                if (c < 0)
                        return -EINVAL;

                /* don't allow NUL bytes */
                if (a == 0 && b == 0 && c == 0)
                        return -EINVAL;

                /* Don't allow bytes above 255 */
                m = ((uint32_t) a << 6U) | ((uint32_t) b << 3U) | (uint32_t) c;
                if (m > 255)
                        return -EINVAL;

                *ret = m;
                *eight_bit = true;
                r = 3;
                break;
        }

        default:
                return -EINVAL;
        }

        return r;
}

int cunescape_length_with_prefix(const char *s, size_t length, const char *prefix, UnescapeFlags flags, char **ret) {
        char *r, *t;
        const char *f;
        size_t pl;

        assert(s);
        assert(ret);

        /* Undoes C style string escaping, and optionally prefixes it. */

        pl = strlen_ptr(prefix);

        r = new(char, pl+length+1);
        if (!r)
                return -ENOMEM;

        if (prefix)
                memcpy(r, prefix, pl);

        for (f = s, t = r + pl; f < s + length; f++) {
                size_t remaining;
                bool eight_bit = false;
                char32_t u;
                int k;

                remaining = s + length - f;
                assert(remaining > 0);

                if (*f != '\\') {
                        /* A literal, copy verbatim */
                        *(t++) = *f;
                        continue;
                }

                if (remaining == 1) {
                        if (flags & UNESCAPE_RELAX) {
                                /* A trailing backslash, copy verbatim */
                                *(t++) = *f;
                                continue;
                        }

                        free(r);
                        return -EINVAL;
                }

                k = cunescape_one(f + 1, remaining - 1, &u, &eight_bit);
                if (k < 0) {
                        if (flags & UNESCAPE_RELAX) {
                                /* Invalid escape code, let's take it literal then */
                                *(t++) = '\\';
                                continue;
                        }

                        free(r);
                        return k;
                }

                f += k;
                if (eight_bit)
                        /* One byte? Set directly as specified */
                        *(t++) = u;
                else
                        /* Otherwise encode as multi-byte UTF-8 */
                        t += utf8_encode_unichar(t, u);
        }

        *t = 0;

        *ret = r;
        return t - r;
}

int cunescape_length(const char *s, size_t length, UnescapeFlags flags, char **ret) {
        return cunescape_length_with_prefix(s, length, NULL, flags, ret);
}

int cunescape(const char *s, UnescapeFlags flags, char **ret) {
        return cunescape_length(s, strlen(s), flags, ret);
}

char *xescape(const char *s, const char *bad) {
        char *r, *t;
        const char *f;

        /* Escapes all chars in bad, in addition to \ and all special
         * chars, in \xFF style escaping. May be reversed with
         * cunescape(). */

        r = new(char, strlen(s) * 4 + 1);
        if (!r)
                return NULL;

        for (f = s, t = r; *f; f++) {

                if ((*f < ' ') || (*f >= 127) ||
                    (*f == '\\') || strchr(bad, *f)) {
                        *(t++) = '\\';
                        *(t++) = 'x';
                        *(t++) = hexchar(*f >> 4);
                        *(t++) = hexchar(*f);
                } else
                        *(t++) = *f;
        }

        *t = 0;

        return r;
}

char *octescape(const char *s, size_t len) {
        char *r, *t;
        const char *f;

        /* Escapes all chars in bad, in addition to \ and " chars,
         * in \nnn style escaping. */

        r = new(char, len * 4 + 1);
        if (!r)
                return NULL;

        for (f = s, t = r; f < s + len; f++) {

                if (*f < ' ' || *f >= 127 || IN_SET(*f, '\\', '"')) {
                        *(t++) = '\\';
                        *(t++) = '0' + (*f >> 6);
                        *(t++) = '0' + ((*f >> 3) & 8);
                        *(t++) = '0' + (*f & 8);
                } else
                        *(t++) = *f;
        }

        *t = 0;

        return r;

}

static char *strcpy_backslash_escaped(char *t, const char *s, const char *bad, bool escape_tab_nl) {
        assert(bad);

        for (; *s; s++) {
                if (escape_tab_nl && IN_SET(*s, '\n', '\t')) {
                        *(t++) = '\\';
                        *(t++) = *s == '\n' ? 'n' : 't';
                        continue;
                }

                if (*s == '\\' || strchr(bad, *s))
                        *(t++) = '\\';

                *(t++) = *s;
        }

        return t;
}

char *shell_escape(const char *s, const char *bad) {
        char *r, *t;

        r = new(char, strlen(s)*2+1);
        if (!r)
                return NULL;

        t = strcpy_backslash_escaped(r, s, bad, false);
        *t = 0;

        return r;
}

char* shell_maybe_quote(const char *s, EscapeStyle style) {
        const char *p;
        char *r, *t;

        assert(s);

        /* Encloses a string in quotes if necessary to make it OK as a shell
         * string. Note that we treat benign UTF-8 characters as needing
         * escaping too, but that should be OK. */

        for (p = s; *p; p++)
                if (*p <= ' ' ||
                    *p >= 127 ||
                    strchr(SHELL_NEED_QUOTES, *p))
                        break;

        if (!*p)
                return strdup(s);

        r = new(char, (style == ESCAPE_POSIX) + 1 + strlen(s)*2 + 1 + 1);
        if (!r)
                return NULL;

        t = r;
        if (style == ESCAPE_BACKSLASH)
                *(t++) = '"';
        else if (style == ESCAPE_POSIX) {
                *(t++) = '$';
                *(t++) = '\'';
        } else
                assert_not_reached("Bad EscapeStyle");

        t = mempcpy(t, s, p - s);

        if (style == ESCAPE_BACKSLASH)
                t = strcpy_backslash_escaped(t, p, SHELL_NEED_ESCAPE, false);
        else
                t = strcpy_backslash_escaped(t, p, SHELL_NEED_ESCAPE_POSIX, true);

        if (style == ESCAPE_BACKSLASH)
                *(t++) = '"';
        else
                *(t++) = '\'';
        *t = 0;

        return r;
}
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
4f5dd394 LP	2	/***
	3	This file is part of systemd.
	4
	5	Copyright 2010 Lennart Poettering
4f5dd394 LP	6	***/
4f5dd394 LP	7
11c3a366 TA	8	#include <errno.h>
	9	#include <stdlib.h>
	10	#include <string.h>
	11
b5efdb8a	12	#include "alloc-util.h"
e4e73a63 LP	13	#include "escape.h"
e4e73a63 LP	14	#include "hexdecoct.h"
11c3a366	15	#include "macro.h"
4f5dd394	16	#include "utf8.h"
4f5dd394	17
4f5dd394 LP	18	size_t cescape_char(char c, char *buf) {
	19	char * buf_old = buf;
	20
	21	switch (c) {
	22
	23	case '\a':
	24	*(buf++) = '\\';
	25	*(buf++) = 'a';
	26	break;
	27	case '\b':
	28	*(buf++) = '\\';
	29	*(buf++) = 'b';
	30	break;
	31	case '\f':
	32	*(buf++) = '\\';
	33	*(buf++) = 'f';
	34	break;
	35	case '\n':
	36	*(buf++) = '\\';
	37	*(buf++) = 'n';
	38	break;
	39	case '\r':
	40	*(buf++) = '\\';
	41	*(buf++) = 'r';
	42	break;
	43	case '\t':
	44	*(buf++) = '\\';
	45	*(buf++) = 't';
	46	break;
	47	case '\v':
	48	*(buf++) = '\\';
	49	*(buf++) = 'v';
	50	break;
	51	case '\\':
	52	*(buf++) = '\\';
	53	*(buf++) = '\\';
	54	break;
	55	case '"':
	56	*(buf++) = '\\';
	57	*(buf++) = '"';
	58	break;
	59	case '\'':
	60	*(buf++) = '\\';
	61	*(buf++) = '\'';
	62	break;
	63
	64	default:
	65	/* For special chars we prefer octal over
	66	* hexadecimal encoding, simply because glib's
	67	* g_strescape() does the same */
	68	if ((c < ' ') \|\| (c >= 127)) {
	69	*(buf++) = '\\';
	70	*(buf++) = octchar((unsigned char) c >> 6);
	71	*(buf++) = octchar((unsigned char) c >> 3);
	72	*(buf++) = octchar((unsigned char) c);
	73	} else
	74	*(buf++) = c;
	75	break;
	76	}
	77
	78	return buf - buf_old;
	79	}
	80
a5ef3638	81	char cescape_length(const char s, size_t n) {
4f5dd394	82	const char *f;
a5ef3638	83	char r, t;
4f5dd394	84
a5ef3638	85	assert(s \|\| n == 0);
4f5dd394 LP	86
	87	/* Does C style string escaping. May be reversed with
	88	* cunescape(). */
	89
a5ef3638	90	r = new(char, n*4 + 1);
4f5dd394 LP	91	if (!r)
	92	return NULL;
	93
a5ef3638	94	for (f = s, t = r; f < s + n; f++)
4f5dd394 LP	95	t += cescape_char(*f, t);
	96
	97	*t = 0;
	98
	99	return r;
	100	}
	101
a5ef3638 LP	102	char cescape(const char s) {
	103	assert(s);
	104
	105	return cescape_length(s, strlen(s));
	106	}
	107
c932fb71	108	int cunescape_one(const char p, size_t length, char32_t ret, bool *eight_bit) {
4f5dd394 LP	109	int r = 1;
	110
	111	assert(p);
	112	assert(*p);
	113	assert(ret);
	114
3565e095 ZJS	115	/* Unescapes C style. Returns the unescaped character in ret.
	116	* Sets *eight_bit to true if the escaped sequence either fits in
	117	* one byte in UTF-8 or is a non-unicode literal byte and should
	118	* instead be copied directly.
	119	*/
4f5dd394 LP	120
	121	if (length != (size_t) -1 && length < 1)
	122	return -EINVAL;
	123
	124	switch (p[0]) {
	125
	126	case 'a':
	127	*ret = '\a';
	128	break;
	129	case 'b':
	130	*ret = '\b';
	131	break;
	132	case 'f':
	133	*ret = '\f';
	134	break;
	135	case 'n':
	136	*ret = '\n';
	137	break;
	138	case 'r':
	139	*ret = '\r';
	140	break;
	141	case 't':
	142	*ret = '\t';
	143	break;
	144	case 'v':
	145	*ret = '\v';
	146	break;
	147	case '\\':
	148	*ret = '\\';
	149	break;
	150	case '"':
	151	*ret = '"';
	152	break;
	153	case '\'':
	154	*ret = '\'';
	155	break;
	156
	157	case 's':
	158	/* This is an extension of the XDG syntax files */
	159	*ret = ' ';
	160	break;
	161
	162	case 'x': {
	163	/* hexadecimal encoding */
	164	int a, b;
	165
	166	if (length != (size_t) -1 && length < 3)
	167	return -EINVAL;
	168
	169	a = unhexchar(p[1]);
	170	if (a < 0)
	171	return -EINVAL;
	172
	173	b = unhexchar(p[2]);
	174	if (b < 0)
	175	return -EINVAL;
	176
	177	/* Don't allow NUL bytes */
	178	if (a == 0 && b == 0)
	179	return -EINVAL;
	180
3565e095 ZJS	181	*ret = (a << 4U) \| b;
3565e095 ZJS	182	*eight_bit = true;
4f5dd394 LP	183	r = 3;
	184	break;
	185	}
	186
	187	case 'u': {
	188	/* C++11 style 16bit unicode */
	189
	190	int a[4];
	191	unsigned i;
	192	uint32_t c;
	193
	194	if (length != (size_t) -1 && length < 5)
	195	return -EINVAL;
	196
	197	for (i = 0; i < 4; i++) {
	198	a[i] = unhexchar(p[1 + i]);
	199	if (a[i] < 0)
	200	return a[i];
	201	}
	202
	203	c = ((uint32_t) a[0] << 12U) \| ((uint32_t) a[1] << 8U) \| ((uint32_t) a[2] << 4U) \| (uint32_t) a[3];
	204
	205	/* Don't allow 0 chars */
	206	if (c == 0)
	207	return -EINVAL;
	208
3565e095	209	*ret = c;
4f5dd394 LP	210	r = 5;
	211	break;
	212	}
	213
	214	case 'U': {
	215	/* C++11 style 32bit unicode */
	216
	217	int a[8];
	218	unsigned i;
c932fb71	219	char32_t c;
4f5dd394 LP	220
	221	if (length != (size_t) -1 && length < 9)
	222	return -EINVAL;
	223
	224	for (i = 0; i < 8; i++) {
	225	a[i] = unhexchar(p[1 + i]);
	226	if (a[i] < 0)
	227	return a[i];
	228	}
	229
dcd12626 LP	230	c = ((uint32_t) a[0] << 28U) \| ((uint32_t) a[1] << 24U) \| ((uint32_t) a[2] << 20U) \| ((uint32_t) a[3] << 16U) \|
dcd12626 LP	231	((uint32_t) a[4] << 12U) \| ((uint32_t) a[5] << 8U) \| ((uint32_t) a[6] << 4U) \| (uint32_t) a[7];
4f5dd394 LP	232
	233	/* Don't allow 0 chars */
	234	if (c == 0)
	235	return -EINVAL;
	236
	237	/* Don't allow invalid code points */
	238	if (!unichar_is_valid(c))
	239	return -EINVAL;
	240
3565e095	241	*ret = c;
4f5dd394 LP	242	r = 9;
	243	break;
	244	}
	245
	246	case '0':
	247	case '1':
	248	case '2':
	249	case '3':
	250	case '4':
	251	case '5':
	252	case '6':
	253	case '7': {
	254	/* octal encoding */
	255	int a, b, c;
c932fb71	256	char32_t m;
4f5dd394 LP	257
	258	if (length != (size_t) -1 && length < 3)
	259	return -EINVAL;
	260
	261	a = unoctchar(p[0]);
	262	if (a < 0)
	263	return -EINVAL;
	264
	265	b = unoctchar(p[1]);
	266	if (b < 0)
	267	return -EINVAL;
	268
	269	c = unoctchar(p[2]);
	270	if (c < 0)
	271	return -EINVAL;
	272
	273	/* don't allow NUL bytes */
	274	if (a == 0 && b == 0 && c == 0)
	275	return -EINVAL;
	276
	277	/* Don't allow bytes above 255 */
dcd12626	278	m = ((uint32_t) a << 6U) \| ((uint32_t) b << 3U) \| (uint32_t) c;
4f5dd394 LP	279	if (m > 255)
	280	return -EINVAL;
	281
	282	*ret = m;
3565e095	283	*eight_bit = true;
4f5dd394 LP	284	r = 3;
	285	break;
	286	}
	287
	288	default:
	289	return -EINVAL;
	290	}
	291
	292	return r;
	293	}
	294
	295	int cunescape_length_with_prefix(const char s, size_t length, const char prefix, UnescapeFlags flags, char **ret) {
	296	char r, t;
	297	const char *f;
	298	size_t pl;
	299
	300	assert(s);
	301	assert(ret);
	302
	303	/* Undoes C style string escaping, and optionally prefixes it. */
	304
7bf7ce28	305	pl = strlen_ptr(prefix);
4f5dd394 LP	306
	307	r = new(char, pl+length+1);
	308	if (!r)
	309	return -ENOMEM;
	310
	311	if (prefix)
	312	memcpy(r, prefix, pl);
	313
	314	for (f = s, t = r + pl; f < s + length; f++) {
	315	size_t remaining;
3565e095	316	bool eight_bit = false;
c932fb71	317	char32_t u;
4f5dd394 LP	318	int k;
	319
	320	remaining = s + length - f;
	321	assert(remaining > 0);
	322
	323	if (*f != '\\') {
629ff674	324	/* A literal, copy verbatim */
4f5dd394 LP	325	(t++) = f;
	326	continue;
	327	}
	328
	329	if (remaining == 1) {
	330	if (flags & UNESCAPE_RELAX) {
	331	/* A trailing backslash, copy verbatim */
	332	(t++) = f;
	333	continue;
	334	}
	335
	336	free(r);
	337	return -EINVAL;
	338	}
	339
3565e095	340	k = cunescape_one(f + 1, remaining - 1, &u, &eight_bit);
4f5dd394 LP	341	if (k < 0) {
	342	if (flags & UNESCAPE_RELAX) {
	343	/* Invalid escape code, let's take it literal then */
	344	*(t++) = '\\';
	345	continue;
	346	}
	347
	348	free(r);
	349	return k;
	350	}
	351
3565e095 ZJS	352	f += k;
	353	if (eight_bit)
	354	/* One byte? Set directly as specified */
	355	*(t++) = u;
4f5dd394	356	else
3565e095	357	/* Otherwise encode as multi-byte UTF-8 */
4f5dd394	358	t += utf8_encode_unichar(t, u);
4f5dd394 LP	359	}
	360
	361	*t = 0;
	362
	363	*ret = r;
	364	return t - r;
	365	}
	366
	367	int cunescape_length(const char s, size_t length, UnescapeFlags flags, char *ret) {
	368	return cunescape_length_with_prefix(s, length, NULL, flags, ret);
	369	}
	370
	371	int cunescape(const char s, UnescapeFlags flags, char *ret) {
	372	return cunescape_length(s, strlen(s), flags, ret);
	373	}
	374
	375	char xescape(const char s, const char *bad) {
	376	char r, t;
	377	const char *f;
	378
	379	/* Escapes all chars in bad, in addition to \ and all special
	380	* chars, in \xFF style escaping. May be reversed with
	381	* cunescape(). */
	382
	383	r = new(char, strlen(s) * 4 + 1);
	384	if (!r)
	385	return NULL;
	386
	387	for (f = s, t = r; *f; f++) {
	388
	389	if ((f < ' ') \|\| (f >= 127) \|\|
	390	(f == '\\') \|\| strchr(bad, f)) {
	391	*(t++) = '\\';
	392	*(t++) = 'x';
	393	(t++) = hexchar(f >> 4);
	394	(t++) = hexchar(f);
	395	} else
	396	(t++) = f;
	397	}
	398
	399	*t = 0;
	400
	401	return r;
	402	}
	403
95052df3 ZJS	404	char octescape(const char s, size_t len) {
	405	char r, t;
	406	const char *f;
	407
	408	/* Escapes all chars in bad, in addition to \ and " chars,
	409	* in \nnn style escaping. */
	410
	411	r = new(char, len * 4 + 1);
	412	if (!r)
	413	return NULL;
	414
	415	for (f = s, t = r; f < s + len; f++) {
	416
4c701096	417	if (f < ' ' \|\| f >= 127 \|\| IN_SET(*f, '\\', '"')) {
95052df3 ZJS	418	*(t++) = '\\';
	419	(t++) = '0' + (f >> 6);
	420	(t++) = '0' + ((f >> 3) & 8);
	421	(t++) = '0' + (f & 8);
	422	} else
	423	(t++) = f;
	424	}
	425
	426	*t = 0;
	427
	428	return r;
	429
	430	}
	431
804ee07c	432	static char strcpy_backslash_escaped(char t, const char s, const char bad, bool escape_tab_nl) {
4f5dd394 LP	433	assert(bad);
	434
	435	for (; *s; s++) {
804ee07c ZJS	436	if (escape_tab_nl && IN_SET(*s, '\n', '\t')) {
	437	*(t++) = '\\';
	438	(t++) = s == '\n' ? 'n' : 't';
	439	continue;
	440	}
	441
4f5dd394 LP	442	if (s == '\\' \|\| strchr(bad, s))
	443	*(t++) = '\\';
	444
	445	(t++) = s;
	446	}
	447
	448	return t;
	449	}
	450
	451	char shell_escape(const char s, const char *bad) {
	452	char r, t;
	453
	454	r = new(char, strlen(s)*2+1);
	455	if (!r)
	456	return NULL;
	457
804ee07c	458	t = strcpy_backslash_escaped(r, s, bad, false);
4f5dd394 LP	459	*t = 0;
	460
	461	return r;
	462	}
	463
804ee07c	464	char* shell_maybe_quote(const char *s, EscapeStyle style) {
4f5dd394 LP	465	const char *p;
	466	char r, t;
	467
	468	assert(s);
	469
804ee07c ZJS	470	/* Encloses a string in quotes if necessary to make it OK as a shell
	471	* string. Note that we treat benign UTF-8 characters as needing
	472	* escaping too, but that should be OK. */
4f5dd394 LP	473
	474	for (p = s; *p; p++)
	475	if (*p <= ' ' \|\|
	476	*p >= 127 \|\|
	477	strchr(SHELL_NEED_QUOTES, *p))
	478	break;
	479
	480	if (!*p)
	481	return strdup(s);
	482
804ee07c	483	r = new(char, (style == ESCAPE_POSIX) + 1 + strlen(s)*2 + 1 + 1);
4f5dd394 LP	484	if (!r)
	485	return NULL;
	486
	487	t = r;
804ee07c ZJS	488	if (style == ESCAPE_BACKSLASH)
	489	*(t++) = '"';
	490	else if (style == ESCAPE_POSIX) {
	491	*(t++) = '$';
	492	*(t++) = '\'';
	493	} else
	494	assert_not_reached("Bad EscapeStyle");
	495
4f5dd394 LP	496	t = mempcpy(t, s, p - s);
4f5dd394 LP	497
804ee07c ZJS	498	if (style == ESCAPE_BACKSLASH)
	499	t = strcpy_backslash_escaped(t, p, SHELL_NEED_ESCAPE, false);
	500	else
	501	t = strcpy_backslash_escaped(t, p, SHELL_NEED_ESCAPE_POSIX, true);
4f5dd394	502
804ee07c ZJS	503	if (style == ESCAPE_BACKSLASH)
	504	*(t++) = '"';
	505	else
	506	*(t++) = '\'';
4f5dd394 LP	507	*t = 0;
	508
	509	return r;
	510	}