Bug #17126
closed
String#gsub fails to escape single quote for shell
Description
Hi, I don't know if I'm misunderstanding how String#gsub works, but I encountered an issue in the Ruby "git" gem with escaping single quotes for shell, which I fixed and contributed back.
I thought I'd report here too since it was caused by Ruby String#gsub malfunctioning, just in case there is a bug in Ruby.
Description:
When calling String#gsub("'", "'\\''") on a String that contains a single-quote (e.g. "Hello ' World"), it is duplicating the substring following the single-quote in the returned String instead of simply replacing the single-quote with escaped single quotes.
Code to Demonstrate Problem:
"Hello ' World".gsub('\'', '\'\\\'\'')
or
"Hello ' World".gsub("'", "'\\''")
or
"Hello ' World".gsub(/'/, "'\\''")
Output:
=> "Hello ' World' World"
Expected Output:
=> "Hello '\'' World"
In fact, I tested this same regex replacement in Java and got the expected output above.
I look forward to hearing back about this puzzling problem.
Perhaps it is not a bug and I am just misunderstanding how String#gsub works in Ruby as I noticed it behaves the same exact way in JRuby too.
Best regards,
Andy Maleh
Updated by AndyMaleh (Andy Maleh) over 3 years ago
- Subject changed from String#gsub fails to escape single quote to String#gsub fails to escape single quote for shell
- Description updated (diff)
Updated by jeremyevans0 (Jeremy Evans) over 3 years ago
- Status changed from Open to Closed
\' means something special in a sub/gsub replacement string, see the documentation for details: https://docs.ruby-lang.org/en/2.7.0/String.html#method-i-gsub
As the documentation explains, use four backslashes:
puts "Hello ' World".gsub(/'/, "'\\\\''")
# Output:
# Hello '\'' World
Updated by AndyMaleh (Andy Maleh) over 3 years ago
Got it. I missed that completely in the documentation, thinking it wasn't related to our use of \'.
Thanks a lot for explaining and for supporting the Ruby programming language in the open-source community.