From e61e6e6fd9676ce3ff3971851755cdb7cf63dbf1 Mon Sep 17 00:00:00 2001 From: wm4 Date: Fri, 29 Nov 2013 23:36:44 +0100 Subject: command: change the syntax and semantics of the "run" command See the changes in input.rst for explanations. Technically speaking, this also gets rid of some undefined behavior: passing NULL as a vararg (execl()) is always a bug. --- DOCS/man/en/input.rst | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) (limited to 'DOCS') diff --git a/DOCS/man/en/input.rst b/DOCS/man/en/input.rst index 917584428f..0e05be2745 100644 --- a/DOCS/man/en/input.rst +++ b/DOCS/man/en/input.rst @@ -198,9 +198,24 @@ List of Input Commands because index2 refers to the target entry, not the index the entry will have after moving.) -``run ""`` - Run the given command with ``/bin/sh -c``. The string is expanded like in - `Property Expansion`_. +``run "command" "arg1" "arg2" ...`` + Run the given command. Unlike in MPlayer/mplayer2 and earlier versions of + mpv (0.2.x and older), this doesn't call the shell. Instead, the command + is run directly, with each argument passed separately. Each argument is + expanded like in `Property Expansion`_. Note that there is a static limit + of (as of this writing) 10 arguments (this limit could be raised on demand). + + To get the old behavior, use ``/bin/sh`` and ``-c`` as the first two + arguments. + + .. admonition:: Example + + ``run "/bin/sh" "-c" "echo ${title} > /tmp/playing"`` + + This is not a particularly good example, because it doesn't handle + escaping, and a specially prepared file might allow an attacker to + execute arbitrary shell commands. It is recommended to write a small + shell script, and call that with ``run``. ``quit []`` Exit the player using the given exit code. -- cgit v1.2.3