Re: [Chicken-hackers] [PATCH] Simplify get-environment-variable and ##sy
From: Christian Kellermann
Subject: Re: [Chicken-hackers] [PATCH] Simplify get-environment-variable and ##sys#get-argument
Date: Sat, 2 Mar 2013 13:33:21 +0100
User-agent: Mutt/1.5.21 (2010-09-15)
Hi Peter!
* Peter Bex <address@hidden> [130301 20:48]:
> Remember that when we fixed CVE-2012-6123, I intended to simplify a few
> procedures to prevent similar mistakes in the future? Here's a patch
> that does this for get-environment-variable and ##sys#get-argument.
>
> I don't know why these were hand-rolled in C; by my reckoning there's
> no good reason to do this. By using the FFI instead, we can reduce code
> bloat and make it more maintainable, too.
>
> There's exactly one difference that I've noticed: when passing an object
> of an invalid type or a string with a NUL byte in it, you no longer get
> a condition object with a location property in its "exn" subcondition.
> I think this is not a good enough reason to reject the patch; instead
> maybe we can try and see if we can improve the FFI to pass the location
> to its argument conversion/checking routines. This would be more
> generally useful for user code, as well!
>
> But that can be done later.
I have checked the usage of ##sys#get-argument and it has been used
only to get the program name and none of the (SVN) eggs used it.
So I took the liberty of changing the patch to get rid of it. As
it is, the version is not safe when passing negative indices (as you
mentioned on #chicken, this has been unsafe in the original version
too).
Attached is a modified version of your patch that does this. What
do you think?
Kind regards,
Christian
--
In the world, there is nothing more submissive and weak than
water. Yet for attacking that which is hard and strong, nothing can
surpass it. --- Lao Tzu
0001-Remove-sys-get-argument-and-simplify-get-environment.patch
Description: Text document
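
Added example (not part of the message or the attached patch): a C sketch of the two argument checks the thread mentions, rejecting a name with an embedded NUL byte before it reaches `getenv`, and rejecting negative or out-of-range argument indices. The `counted_str` type and all function names are hypothetical stand-ins, not CHICKEN runtime code.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical length-counted string, standing in for how a Scheme runtime
   holds string data: the bytes may contain NUL and are not terminated. */
struct counted_str { const char *data; size_t len; };

/* Copy s into a NUL-terminated buffer for a C API. Returns NULL if s holds
   an embedded NUL (the C callee would see a truncated name) or on OOM. */
char *to_c_string(struct counted_str s)
{
    if (s.data == NULL || memchr(s.data, '\0', s.len) != NULL)
        return NULL;
    char *buf = malloc(s.len + 1);
    if (buf == NULL)
        return NULL;
    memcpy(buf, s.data, s.len);
    buf[s.len] = '\0';
    return buf;
}

/* getenv wrapper: sets *rejected to 1 when the name fails conversion, so the
   caller can tell "invalid name" apart from "variable not set". */
const char *checked_getenv(struct counted_str name, int *rejected)
{
    char *cname = to_c_string(name);
    *rejected = (cname == NULL);
    if (cname == NULL)
        return NULL;
    const char *value = getenv(cname);
    free(cname);
    return value;
}

/* Bounds-checked argv lookup: negative and past-the-end indices give NULL
   instead of reading outside the array. */
const char *checked_argument(int argc, char **argv, long index)
{
    if (argv == NULL || index < 0 || index >= (long)argc)
        return NULL;
    return argv[index];
}
```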