-
Type:
Bug
-
Resolution: Not a bug
-
Priority:
Low
-
None
-
Affects Version/s: None
-
Component/s: None
-
None
-
Severity 3 - Minor
Summary
When global variables (e.g. passwords) contain a dollar sign "$" they are not expanded correctly - the dollar sign and subsequent characters are missing, or if two dollar signs "$$" appear in succession, random numbers appear
Steps to Reproduce
- Create a new global variable myPassword with the value Test$123
- Add a script task to a build or deployment to write this to a file (passwords are masked so cannot be viewed in logs)
Expected Results
The dollar symbol(s) should be escaped so they expand correctly. In the above example Test$123 should be the expanded value
Actual Results
In the above example, the variable is expanded as Test23
Workaround
It seems to be possible to manually escape this character, e.g. if the value of your global variable is set to Test\$123, this will expand to Test$123
Not a bug
Variable is substituted properly but if your global variable x is set to ```Test$1234``` then the following script
echo ${bamboo.x}
will be processed to
echo Test$1234
Now shell will interprete $1 as value of the first argument passed to the script and will replace it with empty value, so the output will be
Test234
Proper script should be protected against such values with proper quoting:
echo '${bamboo.x}'