From 84ed06fc7c31e493e627923bb06abd0ef2a3c27b Mon Sep 17 00:00:00 2001
From: Einhard Leichtfuß <alguien@respiranto.de>
Date: Mon, 24 Dec 2018 04:54:06 +0100
Subject: Use unquoted program variables

E.g. $editor, $output_program.

This is necessary in case the variables contain spaces which are to be
interpreted as argument separators.

Before, eval was sometimes used, which is too much.
---
 ctct.in | 33 +++++++++++++++++++--------------
 1 file changed, 19 insertions(+), 14 deletions(-)

diff --git a/ctct.in b/ctct.in
index c40c15e..93c5ff2 100644
--- a/ctct.in
+++ b/ctct.in
@@ -113,7 +113,11 @@ function main()
 	
 	if ! find_exact "$1"
 	then
-		find_similar "Did you mean:" "$@" || print_msg "No match found."
+		if ! find_similar "Did you mean:" "$@"
+		then
+			print_msg "No match found."
+			return 1
+		fi
 	fi
 }
 
@@ -134,9 +138,9 @@ function find_exact()
 	
 	if test "$visual_program" = "cat"
 	then
-		"$output_program" < "$file"
+		$output_program < "$file"
 	else
-		eval "$output_program" < "$file" | "$visual_program"
+		$output_program < "$file" | $visual_program
 	fi
 	return $TRUE
 }
@@ -144,8 +148,12 @@ function find_exact()
 # $1: initial success message;  $2-${$#}: search-patterns
 function find_similar()
 {
-	local found=false msg="$1" name bool file pattern
-	shift	1					# skip $1
+	local found msg name bool file pattern
+
+	msg="$1"
+	shift 1
+
+	found=false
 	
 	# disallow '.' in any pattern
 	# - any pattern should be either part of the first or the last name
@@ -157,7 +165,7 @@ function find_similar()
 	
 	for file in "$datadir"/*
 	do
-		# NEW
+		# Ignore non-regular files.
 		test -f "$file" || continue
 
 		name="${file##*/}"
@@ -199,7 +207,7 @@ function search_file()
 		else
 			for pattern in "$@"
 			do
-			! eval "$output_program" < "$file" | \
+			! $output_program < "$file" | \
 				grep -qEi "$pattern" "$file" && valid=false && break
 			done
 		fi
@@ -224,7 +232,6 @@ function edit_file()
 	
 	if ! file="$datadir/$(get_filename "$1")"
 	then
-		# NEW
 		if check_syntax "$1" && check_non_existance "$1"
 		then
 			file="$datadir/$1"
@@ -247,14 +254,13 @@ function edit_file()
 	if test "$input_program" = "cat" -a "$output_program" = "cat"
 	then
 		$new && touch "$file"		# vim does not save an empty file
-		"$editor" "$file"
+		$editor "$file"
 	else
 		tmp_file="$(mktemp)"
 		chmod 600 "$tmp_file"
-		# output_program may contain further arguments:
-		! $new && eval "$output_program" < "$file" > "$tmp_file"
-		"$editor" "$tmp_file"
-		eval "$input_program" < "$tmp_file" > "$file"
+		! $new && $output_program < "$file" > "$tmp_file"
+		$editor "$tmp_file"
+		eval $input_program < "$tmp_file" > "$file"
 		rm -f "$tmp_file" && unset tmp_file
 	fi
 }
@@ -382,7 +388,6 @@ function check_syntax()
 	fi
 }
 
-# NEW
 # Only use this when $1 is assured not to be a regular file.
 function check_non_existance()
 {
-- 
cgit v1.2.3