Using quotes for file path in find command

[amoghrajesh]

We perform a find command here:

airflow/providers/docker/tests/system/docker/example_docker_copy_data.py

Lines 48 to 59 in f93b465

	locate_file_cmd = """
	sleep 10
	find {{params.source_location}} -type f -printf "%f\n" | head -1
	"""
	t_view = BashOperator(
	task_id="view_file",
	bash_command=locate_file_cmd,
	do_xcom_push=True,
	params={"source_location": "/your/input_dir/path"},
	dag=dag,
	)

. Since its a file find, we should use quotes.

---

^ Add meaningful description above
Read the Pull Request Guidelines for more information.
In case of fundamental code changes, an Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in a newsfragment file, named {pr_number}.significant.rst or {issue_number}.significant.rst, in newsfragments.

[potiuk]

Still when the params contain "'" tt can be abused .

[amoghrajesh]

Ah yes. good catch!

[amoghrajesh]

@potiuk shlex is the way to go. I tried with double and single quotes, works as I expected.

[Vincent550102]

@amoghrajesh The injection still exists. I just send a PR.

#46809