Hello list, First of all, my apologies if this issue was already raised and discussed, I haven't found it so far. I was toying around with a site that proposed to hash passwords to MD5, and comparing results with my host running FreeBSD 7.0-STABLE At some point I didn't get the same hash from the website and from BSD. On BSD: echo -n "test'$_at_" | md5 5c28a8c6d799d302f3ef53afefdfc81b On website: f883cdacbb478c241c51da1f67fbe9bf After swapping characters around I realized that echo just interprets $_at_ (which in our case is null). So I tried escaping the _at_ which didn't work: echo -n "test'$\_at_" | md5 cff4781da603112b5a271891c7c9cc47 Escaping the $ did work however: echo -n "test'\$_at_" | md5 f883cdacbb478c241c51da1f67fbe9bf I can not think of a concrete example at the moment, but I can imagine a program creating a hash and inadvertently feeding md5 a string containing $? , $_at_ , $# or $1 for example. This could lead to unwanted results. Anyone knows if this behaviour is intended ? It sure confused me here. Perhaps a switch should be added to tell echo to not parse the $variables ? Or perhaps it should be the natural behaviour to not parse them, and only do it if -e was given ? Regards,Received on Thu Jan 08 2009 - 12:05:58 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:40 UTC