From 848c0ef3abb10b22cd7152e2890c88a7b22a92b9 Mon Sep 17 00:00:00 2001
From: mfridge <15315366+mfridge@users.noreply.github.com>
Date: Fri, 6 Jan 2023 16:07:33 +0100
Subject: [PATCH] Consider quotes when splitting command arguments

---
 glances/secure.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/glances/secure.py b/glances/secure.py
index 65c64945..1bb93a16 100644
--- a/glances/secure.py
+++ b/glances/secure.py
@@ -11,6 +11,7 @@
 
 from glances.compat import nativestr
 from subprocess import Popen, PIPE
+import re
 
 
 def secure_popen(cmd):
@@ -48,8 +49,8 @@ def __secure_popen(cmd):
     p_last = None
     # Split by pipe '|'
     for sub_cmd in cmd.split('|'):
-        # Split by space ' '
-        sub_cmd_split = [i for i in sub_cmd.split(' ') if i]
+        # Split by space character, but do no split spaces within quotes
+        sub_cmd_split = [_ for _ in list(filter(None, re.split(r'(\s+)|(".*?"+?)|(\'.*?\'+?)', sub_cmd))) if _ != ' ']
         p = Popen(sub_cmd_split, shell=False, stdin=sub_cmd_stdin, stdout=PIPE, stderr=PIPE)
         if p_last is not None:
             # Allow p_last to receive a SIGPIPE if p exits.