Solved

Perl issue with @ in backticks for curl

Posted on 2014-01-23
6
1,195 Views
Last Modified: 2014-05-22
I have a perl script that calls a curl command via backticks.
Because of the locked down environment I work in, I can not add any modules to the basic perl install ( 5.05 on most or 5.8.8 on the newest machines).
I have a problem with the @ in a curl command that allows input from a file: curl -d@filename

perl compalins that   :
Can't use string ("home/xymon/server/ext/check_webl") as an ARRAY ref while "strict refs" in use at ./xy_weblogic_chk.pl line 155.
 `$CURL --connect-timeout 5 -m 15 -d@$XML_FILE  http://$opt_IP/middleware 2>&1 | grep "/result"  > $infile` ;
 this cmmand works fine in a shell script
 
 How do I escape or fix the command to get it to work in backticks  or other solution.

 
 Thanks in advance.
0
Comment
Question by:SysExpert
6 Comments
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 39804269
Did you try to escape the @ with \ ?

`$CURL --connect-timeout 5 -m 15 -d\@$XML_FILE  http://$opt_IP/middleware 2>&1 | grep "/result"  > $infile` ;
0
 
LVL 63

Author Comment

by:SysExpert
ID: 39804322
That messes up the curl command

curl: (7) Failed to connect to 0.0.0.1: Invalid argument
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 39804429
Strange. \ is a valid escape char in perl.

You could try single quotes, but that's just a guess:

`$CURL --connect-timeout 5 -m 15 -d '@'$XML_FILE  http://$opt_IP/middleware 2>&1 | grep "/result"  > $infile` ;
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 
LVL 84

Expert Comment

by:ozo
ID: 39804688
What would the curl command be if you gave it directly instead of from perl?

Also, what is in $opt_IP?
0
 
LVL 62

Expert Comment

by:gheist
ID: 39808528
Better use perl module instead of external program.
http://curl.haxx.se/libcurl/perl/easy.pm.html
0
 
LVL 12

Accepted Solution

by:
stefan73 earned 500 total points
ID: 39846715
You end up in a world of pain when you use unescaped variables as parameters in backticks - this is dangerous, it can even be a security issue (code injection).

So better escape them:
sub shell_escape{$_=shift; s/\'/\'\"\'\"\'/g; $_;}

$XML_FILE_esc = shell_escape($XML_FILE);
...
`$CURL --connect-timeout 5 -m 15 -d \@'$XML_FILE_esc'  http://$opt_IP/middleware 2>&1 | grep "/result"  > $infile` ;

And unless you need stdout in a Perl variable, don't use backticks. Use system() instead. You can create the system() call's shell string in a separate variable which you can easily verify first before executing it.

What you are trying to do looks like "Perl-enhanced shell scripting", which normally gets messy very fast.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question