bug-guix
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#61201: Installation hint crashes when user names contain at sign

From: Csepp
Subject: bug#61201: Installation hint crashes when user names contain at sign
Date: Fri, 24 Feb 2023 12:18:36 +0100 
Ludovic Courtès <ludo@gnu.org> writes:

> Ludovic Courtès <ludovic.courtes@inria.fr> skribis:
>
>> A funny thing was reported earlier today on the Café Guix channel:
>>
>> $ guix install hello  [17:52]
>> building profile with 5 packages...
>> hint: Backtrace:
>
> [...]
>
>> In guix/ui.scm:
>>     312:5  6 (display-hint _ )
>>   1451:24  5 (texi->plain-text )
>> In texinfo.scm:
>>   1132:22  4 (parse )
>>    980:31  3 (loop #<input: string 2b6e5926be70> (fragment) _ _ )
>>    967:36  2 (loop #<input: string 2b6e5926be70> #f # ?)
>>      92:2  1 (command-spec )
>> In ice-9/boot-9.scm:
>>   1685:16  0 (raise-exception _ #:continuable? )
>>  
>> ice-9/boot-9.scm:1685:16: In procedure raise-exception:
>> Throw to key #E1E1E1">parser-error' with args(#f "Unknown command" univ)'.
>
> Here’s one way to reproduce the bug, showing a crash in ‘display-hint’
> due to an unescaped brace:
>
> $ mkdir /tmp/x{ample
> $ touch /tmp/x{ample/guix.scm
> $ (cd '/tmp/x{ample' ; guix shell)
> guix shell: error: not loading '/tmp/x{ample/guix.scm' because not authorized 
> to do so
> hint: Backtrace:
>           13 (primitive-load "/home/ludo/.config/guix/current/bin/guix")
> In guix/ui.scm:
>    2279:7 12 (run-guix . _)
>   2242:10 11 (run-guix-command _ . _)
> In ice-9/boot-9.scm:
>   1752:10 10 (with-exception-handler _ _ #:unwind? _ #:unwind-for-type _)
> In guix/scripts/shell.scm:
>    308:15  9 (_)
> In guix/ui.scm:
>     312:5  8 (display-hint _ _)
>   1451:24  7 (texi->plain-text _)
> In texinfo.scm:
>   1132:22  6 (parse _)
>    980:31  5 (loop #<input: string 7feb8b300d20> (*fragment*) _ _ _)
>    980:31  4 (loop #<input: string 7feb8b300d20> #f _ _ _)
>    911:31  3 (loop #<input: string 7feb8b300d20> #f #<procedure identity (x)> 
> #f _)
>    746:27  2 (_ #<input: string 7feb8b300d20> #f (example smallexample 
> verbatim lisp smalllisp menu w %) #<procedure 7feb9aea1948 at texin…> …)
> In sxml/ssax/input-parse.scm:
>      88:2  1 (next-token _ _ _ _)
> In ice-9/boot-9.scm:
>   1685:16  0 (raise-exception _ #:continuable? _)
>
> ice-9/boot-9.scm:1685:16: In procedure raise-exception:
> Throw to key `parser-error' with args `(#<input: string 7feb8b300d20> "EOF 
> while reading a token " "reading char data")'.
>
> Ludo’.

Would it be heresy to recommend that plain strings and strings that
contain texinfo markup be separate types to catch this sort of thing?
In 2023 it's pretty embarrassing to have bugs that are basically SQL
injections.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]