implement escapeQuotationMark in bash generator

frantuma · frantuma · commit 31ae302314aa · 2023-10-26T09:58:35.000+02:00
diff --git a/modules/swagger-codegen/src/main/java/io/swagger/codegen/languages/BashClientCodegen.java b/modules/swagger-codegen/src/main/java/io/swagger/codegen/languages/BashClientCodegen.java
@@ -473,6 +473,8 @@ else if(collectionFormat.equals("pipes")) {
 
   }
 
+
+
   /**
    * Override with any special text escaping logic
    */
@@ -562,7 +564,8 @@ public String escapeText(String input) {
 
   @Override
   public String escapeQuotationMark(String input) {
-      return input;
+    // remove ' to avoid code injection
+    return input.replace("'", "\'\\\'\'");
   }
 
   /**

Original file line number	Diff line number	Diff line change
`@@ -473,6 +473,8 @@ else if(collectionFormat.equals("pipes")) {`
`473`	`473`
`474`	`474`	`}`
`475`	`475`
	`476`	`+`
	`477`	`+`
`476`	`478`	`/**`
`477`	`479`	`* Override with any special text escaping logic`
`478`	`480`	`*/`
`@@ -562,7 +564,8 @@ public String escapeText(String input) {`
`562`	`564`
`563`	`565`	`@Override`
`564`	`566`	`public String escapeQuotationMark(String input) {`
`565`		`- return input;`
	`567`	`+ // remove ' to avoid code injection`
	`568`	`+ return input.replace("'", "\'\\\'\'");`
`566`	`569`	`}`
`567`	`570`
`568`	`571`	`/**`