Re: Printf and quoting in general, SQL injection in particular [was: Ema
From: Eli Zaretskii
Subject: Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way]
Date: Tue, 22 Jun 2021 15:12:42 +0300

> Date: Tue, 22 Jun 2021 02:23:03 +0200
> From: Emanuel Berg via Users list for the GNU Emacs text editor
> <help-gnu-emacs@gnu.org>
>
> tomas wrote:
>
> > My hint was rather a metaphor: using string operations on
> > things that aren't really strings (in the original case:
> > file system paths)
>
> Emacs disagrees:
>
> (setq file "~/.emacs")
> (file-exists-p file) ; t
> (stringp file) ; t
>
> > But your side is not "the world", and therefore Eli's
> > warning was spot-on
>
> False alarm, as shown. It is safe to say, that warning can
> be ignored.

Not a false alarm; ignore that warning at your own peril:

  (string-equal "~/foo" "/home/users/eliz/foo") => nil
  (file-equal-p "~/foo" "/home/users/eliz/foo") => t

and also:

  (string-equal "/home/users/eliz/foo" "/server/homes/users/eliz/foo") => nil
  (file-equal-p "/home/users/eliz/foo" "/server/homes/users/eliz/foo") => t

And what about the below, what's going on there?

  $ ls -l /usr/bin/emacs*
  -rwxr-xr-x 2 eliz None 81081674 2021-03-25 15:54 /usr/bin/emacs
  -rwxr-xr-x 2 eliz None 81081674 2021-03-25 15:54 /usr/bin/emacs-27.2

  (file-equal-p "/usr/bin/emacs" "/usr/bin/emacs-27.2") => t
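
The comparisons in the message above depend on the poster's own machine. The following is an added example, not part of the original message, that rebuilds the same three situations (directory symlink, hard link, unrelated file) in a scratch directory so they can be evaluated anywhere. The `path-demo-` function names and the file names are made up for illustration, and it assumes a filesystem that supports symbolic and hard links.

```elisp
;; Added example. All file names below are constructed inside a
;; temporary directory that is deleted again afterwards.

(defun path-demo-compare (a b)
  "Return a list (BY-STRING BY-TRUENAME BY-IDENTITY) for names A and B.
BY-STRING compares the names as given, BY-TRUENAME compares them after
`file-truename' canonicalization, BY-IDENTITY uses `file-equal-p'."
  (list (string-equal a b)
        (string-equal (file-truename a) (file-truename b))
        (file-equal-p a b)))

(defun path-demo-run ()
  "Build a scratch tree and compare several names for files in it."
  (let* ((dir (file-name-as-directory (make-temp-file "path-demo" t)))
         (real-dir (expand-file-name "real" dir))
         (real (expand-file-name "foo" real-dir))
         ;; Same file reached through a symlinked directory, like the
         ;; /home vs /server/homes pair in the message.
         (via-link (expand-file-name "alias/foo" dir))
         ;; Second directory entry for the same inode, like
         ;; /usr/bin/emacs and /usr/bin/emacs-27.2 in the message.
         (hard (expand-file-name "foo-27.2" real-dir))
         ;; A different file with identical contents.
         (other (expand-file-name "bar" real-dir)))
    (unwind-protect
        (progn
          (make-directory real-dir t)
          (write-region "x" nil real nil 'silent)
          (write-region "x" nil other nil 'silent)
          (make-symbolic-link real-dir (expand-file-name "alias" dir))
          (add-name-to-file real hard)
          ;; `file-truename' resolves symlinks, so canonicalized strings
          ;; agree for the :symlink pair.  A hard link is not a symlink:
          ;; both names are already canonical, so only the identity
          ;; check can tell that they are one file.
          (list :symlink  (path-demo-compare real via-link)
                :hardlink (path-demo-compare real hard)
                :distinct (path-demo-compare real other)))
      (delete-directory dir t))))

;; Evaluate (path-demo-run) in *scratch* or with M-: to see the plist.
```

Any check that decides whether two names refer to the same file (allow lists, "is this my config file", duplicate detection) should use the identity comparison, not the name strings.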