bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#27270: display-raw-bytes-as-hex generates ambiguous output for Emacs

From: Paul Eggert
Subject: bug#27270: display-raw-bytes-as-hex generates ambiguous output for Emacs strings
Date: Sun, 24 Apr 2022 15:35:53 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0 
On 4/24/22 04:24, Lars Ingebrigtsen wrote:


The likelihood of anybody actually encountering this issue is ... small.


Sure, if strings are random. But strings from opponents aren't random.
I'll readily grant that it's a much smaller exposure than SQL injection. Still, like SQL injection it's an exposure and should be fixed. 



You want to quote all %c as if they were raw bytes?  Or only following a
raw byte?
Closer to the latter, but even less than the latter. I am being conservative and am proposing that Emacs do what it does now unless the resulting output would be misinterpreted on input. So I wouldn't change how all characters are quoted; only how characters are quoted when the result would be interpreted incorrectly. 



what about (format "%cf" #x9e)
Since that returns a multibyte string, I suggest "\u009ef" which is multibyte. For its unibyte counterpart (encode-coding-string (format "%cf" #x9e) 'iso-latin-1) I suggest the syntax "\x9e\ f" which is unibyte. (These are not the only possibilities; for example, the former could be "\u009e\ f" if you think that's clearer.)
This string syntax is already supported by Emacs, so this wouldn't change the Lisp reader. 



it creates
very confusing displayed strings.
These examples are not *that* confusing. And although they may not be beautiful, correct strings are less confusing than incorrect strings.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]