Open chri2 opened 2 months ago
man 7 regex
A bound is '{' followed by an unsigned decimal integer, possibly followed by ',' possibly followed by another unsigned decimal integer, always followed by '}'. The integers must lie between 0 and RE_DUP_MAX (255(!)) inclusive
man 7 regex
A bound is '{' followed by an unsigned decimal integer, possibly followed by ',' possibly followed by another unsigned decimal integer, always followed by '}'. The integers must lie between 0 and RE_DUP_MAX (255(!)) inclusive
It turned out that sed
seems to include a library not covered by the man page or that I misunderstood the meaning of the man page.
The following test shows that sed might not be the problem:
for I in `seq 200 3000`; do echo -n "$I "; printf '=%.0s' $(seq 0 $[I+10]) | sed --quiet "s/\(.\{$I\}\).*/\1/p" | wc -c; done
If sed
does like expected still there is the lottery whether the length of 1000 bytes from urandom contains enough data falling in the range of --filter
to fill up the asked --length
.
Describe the bug
Using helper
ynh_string_random
with argument-l <length>
and length>254 returns silently empty string.CI advices not to use
openssl rand
.To reproduce
On a yunohost:
Expected behavior
ynh_string_random
should return a random string as described in the docs or at least return an error if it can't.Security implication
Any app that relied on this function when generating a random string with more than 254 characters as demonstrated above is using an empty string instead. E.g. as a super save extra long password somewhere or as a kind of secret cookie or token.