OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Francis Favorini (francis.favoriniDUKE.EDU)
Date: Wed Sep 19 2001 - 20:09:28 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    > -----Original Message-----
    > From: Daniel Schultz [mailto:DSchultzNetworkServicesGroup.com]
    > for /R %f in (*.htm *.html *.asp) do ren %f %~nf.old & findstr /L /V
    > "readme.eml" %~nf.old >%f

    This won't work under NT. When you use format specifier letters (any of
    "dfnpsx") with the enhanced %~ syntax your variable name must not conflict
    with those format specifier letters. So %~nf, %~nd, etc. won't work, but
    %~ni will.

    Also won't work if your file names have spaces in them. And you need to use
    the name+extension in the second arg to rename ("%~nxi.old") and the full
    filename ("%i.old") for findstr.

    Strange thing: it seems that the *.htm pattern in the for /R command matches
    files that end in ".htm" followed by anything except a period. So it
    matches *.html, *.html34j#, *.htmq, etc., but not *.h or *.ht or *.htm.old.
    Apparently, only the first three characters are compared. Thus *.html files
    are picked up twice. I.e., once for the original file and once for the new
    "clean" file. This could be bad; see below. (Don't know if this is true on
    Win2K.)

    Finally, if the rename fails for some reason (maybe there already is a
    ".old" file), you will end up with no backup and a 0-byte original (empty
    output from findstr)! Better to use && instead of &, which will only run
    the second command if the first command succeeds.

    Here is a corrected example:

    for /R %i in (*.htm *.asp) do ren "%i" "%~nxi.old" && findstr /L /V
    "readme.eml" "%i.old" > "%i"

    You can also put an "" before "ren" to hide output (except errors):

    for /R %i in (*.htm *.asp) do ren "%i" "%~nxi.old" && findstr /L /V
    "readme.eml" "%i.old" > "%i"

    Of course, this technique only removes lines that have "readme.eml" in them.
    Are we sure that will always get *all and only* the added code? What if the
    original HTML file didn't end in a CRLF?
    And, you'll probably want to delete the readme.eml files as well.

    -Francis

    _____________________________________________________________________
    ** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
    ** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
    SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net