bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability

From:	lux
Subject:	bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability
Date:	Sun, 27 Nov 2022 11:05:37 +0800
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.5.0

On 2022/11/27 01:11, Eli Zaretskii wrote:

Date: Sun, 27 Nov 2022 01:03:10 +0800
Cc: stefankangas@gmail.com, 59544@debbugs.gnu.org
From: lux <lx@shellcodes.org>

I'm going to add the xxx parameter. If it is true, the line break will
be kept. Is this logic consistent with what you expressed? thank you
very much.

Much simpler:

static ptrdiff_t
readline_internal (linebuffer *lbp, FILE *stream, char const *filename, bool 
leave_cr)
{
  [...]
       if (c == '\n')
        {
          if (!leave_cr && p > buffer && p[-1] == '\r')
            {
  [...]

IOW, when this flag is TRUE, don't process \r specially.

Thanks.

Ok, edited and added test case, and move the patch code to the newfunction `clean_matched_file_tag`.


Thanks.

0001-Fixed-ctags-local-command-execute-vulnerability.patch
Description: Text Data

[Prev in Thread]

Current Thread

[Next in Thread]

bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, (continued)

Prev by Date: bug#59624: Usning global-mode-string for small screens
Next by Date: bug#59612: 29.0.50; Eshell: The behavior of conditionals depends on whitespace
Previous by thread: bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability
Next by thread: bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability
Index(es):
- Date
- Thread