• Uncategorized

About string : Escape-a-string-for-a-sed-replace-pattern

Question Detail

In my bash script I have an external (received from user) string, which I should use in sed pattern.

REPLACE="<funny characters here>"

How can I escape the $REPLACE string so it would be safely accepted by sed as a literal replacement?

NOTE: The KEYWORD is a dumb substring with no matches etc. It is not supplied by user.

Question Answer

Warning: This does not consider newlines. For a more in-depth answer, see this SO-question instead. (Thanks, Ed Morton & Niklas Peter)

Note that escaping everything is a bad idea. Sed needs many characters to be escaped to get their special meaning. For example, if you escape a digit in the replacement string, it will turn in to a backreference.

As Ben Blank said, there are only three characters that need to be escaped in the replacement string (escapes themselves, forward slash for end of statement and & for replace all):

ESCAPED_REPLACE=$(printf '%s\n' "$REPLACE" | sed -e 's/[\/&]/\\&/g')
# Now you can use ESCAPED_REPLACE in the original sed statement

If you ever need to escape the KEYWORD string, the following is the one you need:

sed -e 's/[]\/$*.^[]/\\&/g'

And can be used by:

KEYWORD="The Keyword You Need";
ESCAPED_KEYWORD=$(printf '%s\n' "$KEYWORD" | sed -e 's/[]\/$*.^[]/\\&/g');

# Now you can use it inside the original sed statement to replace text

Remember, if you use a character other than / as delimiter, you need replace the slash in the expressions above wih the character you are using. See PeterJCLaw’s comment for explanation.

Edited: Due to some corner cases previously not accounted for, the commands above have changed several times. Check the edit history for details.

The sed command allows you to use other characters instead of / as separator:

sed 's#"http://www\.fubar\.com"#URL_FUBAR#g'

The double quotes are not a problem.

The only three literal characters which are treated specially in the replace clause are / (to close the clause), \ (to escape characters, backreference, &c.), and & (to include the match in the replacement). Therefore, all you need to do is escape those three characters:

sed "s/KEYWORD/$(echo $REPLACE | sed -e 's/\\/\\\\/g; s/\//\\\//g; s/&/\\\&/g')/g"


$ export REPLACE="'\"|\\/><&!"
$ echo fooKEYWORDbar | sed "s/KEYWORD/$(echo $REPLACE | sed -e 's/\\/\\\\/g; s/\//\\\//g; s/&/\\\&/g')/g"

Based on Pianosaurus’s regular expressions, I made a bash function that escapes both keyword and replacement.

function sedeasy {
  sed -i "s/$(echo $1 | sed -e 's/\([[\/.*]\|\]\)/\\&/g')/$(echo $2 | sed -e 's/[\/&]/\\&/g')/g" $3

Here’s how you use it:

sedeasy "include /etc/nginx/conf.d/*" "include /apps/*/conf/nginx.conf" /etc/nginx/nginx.conf

It’s a bit late to respond… but there IS a much simpler way to do this. Just change the delimiter (i.e., the character that separates fields). So, instead of s/foo/bar/ you write s|bar|foo.

And, here’s the easy way to do this:

sed 's|/\*!50017 DEFINER=`snafu`@`localhost`\*/||g'

The resulting output is devoid of that nasty DEFINER clause.

It turns out you’re asking the wrong question. I also asked the wrong question. The reason it’s wrong is the beginning of the first sentence: “In my bash script…”.

I had the same question & made the same mistake. If you’re using bash, you don’t need to use sed to do string replacements (and it’s much cleaner to use the replace feature built into bash).

Instead of something like, for example:

function escape-all-funny-characters() { UNKNOWN_CODE_THAT_ANSWERS_THE_QUESTION_YOU_ASKED; }
INPUT='some long string with KEYWORD that need replacing KEYWORD.'
A="$(escape-all-funny-characters 'KEYWORD')"
B="$(escape-all-funny-characters '<funny characters here>')"
OUTPUT="$(sed "s/$A/$B/g" <<<"$INPUT")"

you can use bash features exclusively:

INPUT='some long string with KEYWORD that need replacing KEYWORD.'
B='<funny characters here>'

Use awk – it is cleaner:

$ awk -v R='//addr:\\file' '{ sub("THIS", R, $0); print $0 }' <<< "http://file:\_THIS_/path/to/a/file\\is\\\a\\ nightmare"
http://file:\_//addr:\file_/path/to/a/file\\is\\\a\\ nightmare

Here is an example of an AWK I used a while ago. It is an AWK that prints new AWKS. AWK and SED being similar it may be a good template.

ls | awk '{ print "awk " "'"'"'"  " {print $1,$2,$3} " "'"'"'"  " " $1 ".old_ext > " $1 ".new_ext"  }' > for_the_birds

It looks excessive, but somehow that combination of quotes works to keep the ‘ printed as literals. Then if I remember correctly the vaiables are just surrounded with quotes like this: “$1”. Try it, let me know how it works with SED.

These are the escape codes that I’ve found:

* = \x2a
( = \x28
) = \x29

" = \x22
/ = \x2f
\ = \x5c

' = \x27
? = \x3f
% = \x25
^ = \x5e

sed is typically a mess, especially the difference between gnu-sed and bsd-sed

might just be easier to place some sort of sentinel at the sed side, then a quick pipe over to awk, which is far more flexible in accepting any ERE regex, escaped hex, or escaped octals.

e.g. OFS in awk is the true replacement ::

date | sed -E 's/[0-9]+/\xC1\xC0/g' |  

          mawk NF=NF FS='\xC1\xC0' OFS='\360\237\244\241'  
 1  Tue Aug  🤡 🤡:🤡:🤡 EDT 🤡

(tested and confirmed working on both BSD-sed and GNU-sed – the emoji isn’t a typo that’s what those 4 bytes map to in UTF-8 )

There are dozens of answers out there… If you don’t mind using a bash function schema, below is a good answer. The objective below was to allow using sed with practically any parameter as a KEYWORD (F_PS_TARGET) or as a REPLACE (F_PS_REPLACE). We tested it in many scenarios and it seems to be pretty safe. The implementation below supports tabs, line breaks and sigle quotes for both KEYWORD and replace REPLACE.

NOTES: The idea here is to use sed to escape entries for another sed command.


f_reverse_string() {
    : 'Do a string reverse.

    To undo just use a reversed string as STRING_INPUT.

        STRING_INPUT (str): String input.

        F_REVERSE_STRING_R (str): The modified string.

    local STRING_INPUT=$1
    F_REVERSE_STRING_R=$(echo "x${STRING_INPUT}x" | tac | rev)

# [Ref(s).: https://stackoverflow.com/a/2705678/3223785 ]
f_power_sed_ecp() {
    : 'Escape strings for the "sed" command.

    Escaped characters will be processed as is (e.g. /n, /t ...).

        F_PSE_VAL_TO_ECP (str): Value to be escaped.
        F_PSE_ECP_TYPE (int): 0 - For the TARGET value; 1 - For the REPLACE value.

        F_POWER_SED_ECP_R (str): Escaped value.

    local F_PSE_VAL_TO_ECP=$1
    local F_PSE_ECP_TYPE=$2

    # NOTE: Operational characters of "sed" will be escaped, as well as single quotes.
    # By Questor
    if [ ${F_PSE_ECP_TYPE} -eq 0 ] ; then
    # NOTE: For the TARGET value. By Questor

        F_POWER_SED_ECP_R=$(echo "x${F_PSE_VAL_TO_ECP}x" | sed 's/[]\/$*.^[]/\\&/g' | sed "s/'/\\\x27/g" | sed ':a;N;$!ba;s/\n/\\n/g')
    # NOTE: For the REPLACE value. By Questor

        F_POWER_SED_ECP_R=$(echo "x${F_PSE_VAL_TO_ECP}x" | sed 's/[\/&]/\\&/g' | sed "s/'/\\\x27/g" | sed ':a;N;$!ba;s/\n/\\n/g')


# [Ref(s).: https://stackoverflow.com/a/24134488/3223785 ,
# https://stackoverflow.com/a/21740695/3223785 ,
# https://unix.stackexchange.com/a/655558/61742 ,
# https://stackoverflow.com/a/11461628/3223785 ,
# https://stackoverflow.com/a/45151986/3223785 ,
# https://linuxaria.com/pills/tac-and-rev-to-see-files-in-reverse-order ,
# https://unix.stackexchange.com/a/631355/61742 ]
f_power_sed() {
    : 'Facilitate the use of the "sed" command. Replaces in files and strings.

        F_PS_TARGET (str): Value to be replaced by the value of F_PS_REPLACE.
        F_PS_REPLACE (str): Value that will replace F_PS_TARGET.
        F_PS_FILE (Optional[str]): File in which the replacement will be made.
        F_PS_SOURCE (Optional[str]): String to be manipulated in case "F_PS_FILE" was
    not informed.
        F_PS_NTH_OCCUR (Optional[int]): [1~n] - Replace the nth match; [n~-1] - Replace
    the last nth match; 0 - Replace every match; Default 1.

        F_POWER_SED_R (str): Return the result if "F_PS_FILE" is not informed.

    local F_PS_TARGET=$1
    local F_PS_REPLACE=$2
    local F_PS_FILE=$3
    local F_PS_SOURCE=$4
    local F_PS_NTH_OCCUR=$5
    if [ -z "$F_PS_NTH_OCCUR" ] ; then

    local F_PS_REVERSE_MODE=0
    if [ ${F_PS_NTH_OCCUR} -lt -1 ] ; then
        f_reverse_string "$F_PS_TARGET"
        f_reverse_string "$F_PS_REPLACE"
        f_reverse_string "$F_PS_SOURCE"

    f_power_sed_ecp "$F_PS_TARGET" 0
    f_power_sed_ecp "$F_PS_REPLACE" 1

    local F_PS_SED_RPL=""
    if [ ${F_PS_NTH_OCCUR} -eq -1 ] ; then
    # NOTE: We kept this option because it performs better when we only need to replace
    # the last occurrence. By Questor

        # [Ref(s).: https://linuxhint.com/use-sed-replace-last-occurrence/ ,
        # https://unix.stackexchange.com/a/713866/61742 ]
    elif [ ${F_PS_NTH_OCCUR} -gt 0 ] ; then
        # [Ref(s).: https://unix.stackexchange.com/a/587924/61742 ]
    elif [ ${F_PS_NTH_OCCUR} -eq 0 ] ; then

    # NOTE: As the "sed" commands below always process literal values for the "F_PS_TARGET"
    # so we use the "-z" flag in case it has multiple lines. By Quaestor
    # [Ref(s).: https://unix.stackexchange.com/a/525524/61742 ]
    if [ -z "$F_PS_FILE" ] ; then
        F_POWER_SED_R=$(echo "x${F_PS_SOURCE}x" | eval "sed -z $F_PS_SED_RPL")
        if [ ${F_PS_REVERSE_MODE} -eq 1 ] ; then
            f_reverse_string "$F_POWER_SED_R"
        if [ ${F_PS_REVERSE_MODE} -eq 0 ] ; then
            eval "sed -i -z $F_PS_SED_RPL \"$F_PS_FILE\""
            tac "$F_PS_FILE" | rev | eval "sed -z $F_PS_SED_RPL" | tac | rev > "$F_PS_FILE"



f_power_sed "F_PS_TARGET" "F_PS_REPLACE" "" "F_PS_SOURCE"
echo "$F_POWER_SED_R"


f_power_sed "{ gsub(/,[ ]+|$/,\"\0\"); print }' ./  and eliminate" "[ ]+|$/,\"\0\""  "" "Great answer (+1). If you change your awk to awk '{ gsub(/,[ ]+|$/,\"\0\"); print }' ./  and eliminate that concatenation of the final \", \" then you don't have to go through the gymnastics on eliminating the final record. So: readarray -td '' a < <(awk '{ gsub(/,[ ]+/,\"\0\"); print; }' <<<\"$string\") on Bash that supports readarray. Note your method is Bash 4.4+ I think because of the -d in readar"
echo "$F_POWER_SED_R"



# "TARGET" value.
f_power_sed_ecp "F_PSE_VAL_TO_ECP" 0

# "REPLACE" value.
f_power_sed_ecp "F_PSE_VAL_TO_ECP" 1

IMPORTANT: If the strings for KEYWORD and/or replace REPLACE contain tabs or line breaks you will need to use the “-z” flag in your “sed” command. More details here.


f_power_sed_ecp "{ gsub(/,[ ]+|$/,\"\0\"); print }' ./  and eliminate" 0
f_power_sed_ecp "[ ]+|$/,\"\0\"" 1

NOTE: The f_power_sed_ecp and f_power_sed functions above was made available completely free as part of this project ez_i – Create shell script installers easily!.

don’t forget all the pleasure that occur with the shell limitation around ” and ‘

so (in ksh)

Var=">New version of \"content' here <"
printf "%s" "${Var}" | sed "s/[&\/\\\\*\\"']/\\&/g' | read -r EscVar

echo "Here is your \"text\" to change" | sed "s/text/${EscVar}/g"

If the case happens to be that you are generating a random password to pass to sed replace pattern, then you choose to be careful about which set of characters in the random string. If you choose a password made by encoding a value as base64, then there is is only character that is both possible in base64 and is also a special character in sed replace pattern. That character is “/”, and is easily removed from the password you are generating:

# password 32 characters log, minus any copies of the "/" character.
pass=`openssl rand -base64 32 | sed -e 's/\///g'`;

If you are just looking to replace Variable value in sed command then just remove

sed -i 's/dev-/dev-$ENV/g' test to sed -i s/dev-/dev-$ENV/g test

I have an improvement over the sedeasy function, which WILL break with special characters like tab.

function sedeasy_improved {
    sed -i "s/$(
        echo "$1" | sed -e 's/\([[\/.*]\|\]\)/\\&/g' 
            | sed -e 's:\t:\\t:g'
        echo "$2" | sed -e 's/[\/&]/\\&/g' 
            | sed -e 's:\t:\\t:g'
    )/g" "$3"

So, whats different? $1 and $2 wrapped in quotes to avoid shell expansions and preserve tabs or double spaces.

Additional piping | sed -e 's:\t:\\t:g' (I like : as token) which transforms a tab in \t.

An easier way to do this is simply building the string before hand and using it as a parameter for sed

sed -i $rpstring  test.txt

You may also like...

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.