[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-janitors] #713: bb egg may error out with format security i
From: |
Chicken Trac |
Subject: |
Re: [Chicken-janitors] #713: bb egg may error out with format security issue |
Date: |
Thu, 13 Oct 2011 23:26:31 -0000 |
#713: bb egg may error out with format security issue
-------------------------+--------------------------------------------------
Reporter: zbigniew | Owner: felix
Type: defect | Status: assigned
Priority: major | Milestone:
Component: extensions | Version:
Resolution: | Keywords: bb egg security
-------------------------+--------------------------------------------------
Changes (by zbigniew):
* owner: zbigniew => felix
* status: new => assigned
Comment:
Patch is good. I tested it with:
{{{
(bb:message "Hi %d")
(bb:message 'message "Hi %d")
(bb:message 'alert "Hi %d")
(bb:message 'ask "Hi %d")
(bb:message 'choice "Word? %d" "foo" "bar" "baz")
(bb:get-input "Enter a string %d:" "Default value")
}}}
and on the old version you'll get a garbage number displayed, on the new
one you get a literal %d.
Patch also fixes use of fl_ask where fl_choice was meant.
Feel free to apply if looks okay, or I will be happy to apply myself.
--
Ticket URL: <http://bugs.call-cc.org/ticket/713#comment:1>
Chicken Scheme <http://www.call-with-current-continuation.org/>
Chicken Scheme is a compiler for the Scheme programming language.