[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: enable_grep and enable_idutils are insecure [1/2]
|
From: |
Shigio Yamaguchi |
|
Subject: |
Re: enable_grep and enable_idutils are insecure [1/2] |
|
Date: |
Sun, 01 Jun 2003 17:26:07 +0900 |
I think I have shut the security hole.
Thank you for your report!
Index: global/global.c
===================================================================
RCS file: /cvsroot/global/global/global/global.c,v
retrieving revision 1.65
diff -r1.65 global.c
687,689c687
< strbuf_putc(ib, '\'');
< strbuf_puts(ib, pattern);
< strbuf_putc(ib, '\'');
---
> strbuf_puts(ib, quote_string(pattern));
Index: libutil/char.c
===================================================================
RCS file: /cvsroot/global/global/libutil/char.c,v
retrieving revision 1.1
diff -r1.1 char.c
25a26
> #include "strbuf.h"
73a75,95
> }
> /*
> * quote string.
> *
> * 'aaa' => \'\a\a\a\'
> */
> char *
> quote_string(s)
> char *s;
> {
> static STRBUF *sb = NULL;
>
> if (sb == NULL)
> sb = strbuf_open(0);
> else
> strbuf_reset(sb);
> for (; *s; s++) {
> strbuf_putc(sb, '\\');
> strbuf_putc(sb, *s);
> }
> return strbuf_value(sb);
Index: libutil/char.h
===================================================================
RCS file: /cvsroot/global/global/libutil/char.h,v
retrieving revision 1.1
diff -r1.1 char.h
25a26
> char *quote_string(char *);
--
Shigio Yamaguchi <address@hidden> - Tama Communications Corporation
Spare mail address: <address@hidden>
PGP fingerprint: D1CB 0B89 B346 4AB6 5663 C4B6 3CA5 BBB3 57BE DDA3
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: enable_grep and enable_idutils are insecure [1/2],
Shigio Yamaguchi <=