Version: (using KDE KDE 3.0.99) Installed from: Compiled From Sources Compiler: Gcc 3.2.1 OS: Linux Being Italian, the character ' (apostrophe or single quote) is used in common language expressions. Since gideon uses the single quote for quoting cvs parameters as in "cvs -m 'my message goes here'" the command fails when I use some very frequent (and to me, obvious) words. I believe that: 1) gideon should use double quote (") for quoting messages for cvs command; or 2) the label in the cvs options dialog should be modified to explain to not to use some characters; or 3) a check should be done to replace all characters with escaped ones (that is replacing ' with \'). Hope it is clear enough ;)
Can you check whether the bug existst in CVS HEAD? We use KShellProcess::quote now. We have to use single ' quotes to prevent malicious code, the shell won't try to interprete anything that's in single quotes.
No .. it remains ... cvs -d $CVSROOT init && cd /home/mario/provacvs && cvs -d $CVSROOT import -m 'Questo e' un bel progetto da provare ...' provacvs vendor start * *** Exited with status: 2 *** (For your information "e'" means "is" in english) I agree that if security must be enforced than a "validation" of the sentence inserted as CVS message must be used to reject unallowed characters ;)
ah, sorry, I thought you meant messages during "cvs commit". "cvs import" messages are now also quoted (CVS HEAD), so the bug should be gone. Thanks for the info, Harry
Ok, just updated from CVS of this afternoon ;) And ... ehmm ... I believe it still is open: if i use the words: I'm very happy to say that I fixed the bug ... the wizard will quote it as: 'I'm very happy to say that I fixed the bug ...' which is obviously wrong (will produce error when executing the command)! Nothing prevents the user from using single quote (') in the string (I mean, no message box, no label, nothing). Now I know about the problem and will avoid it but a new user? If you point me where to look I could work out a patch for this ... I addition I see that _all_ strings are single-quoted and this prevent the user from using env vars, as I do (like $CVSROOT='/home/cvsroot').