>From 526db30546d45f71591043b884b8d3ea25c673db Mon Sep 17 00:00:00 2001 From: Florian Zumbiehl Date: Fri, 15 Mar 2013 06:58:42 +0100 Subject: [PATCH] csi: fix untrusted code execution by (load)ing ./.csirc Remove (load)ing of ./.csirc on csi startup as it can lead to execution of untrusted code. Signed-off-by: Peter Bex --- NEWS | 4 ++++ csi.scm | 12 +++++------- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/NEWS b/NEWS index 4023338..c21c7cf 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,9 @@ 4.8.2 +- Security fixes + - ./.csirc is no longer loaded from the current directory upon startup of csi, + which could lead to untrusted code execution. (thanks to Florian Zumbiehl) + - Tools - csc: added "-oi"/"-ot" options as alternatives to "-emit-inline-file" and "-emit-type-file", respectively; "-n" has been deprecated. diff --git a/csi.scm b/csi.scm index b2b9f24..55a2ce8 100644 --- a/csi.scm +++ b/csi.scm @@ -1019,13 +1019,11 @@ EOF (cons (cadr p) (loop (cddr p)))) ) ] [else '()] ) ) ) (define (loadinit) - (let ([fn (##sys#string-append "./" init-file)]) - (if (file-exists? fn) - (load fn) - (let* ([prefix (chop-separator (or (get-environment-variable "HOME") "."))] - [fn (string-append prefix "/" init-file)] ) - (when (file-exists? fn) - (load fn) ) ) ) ) ) + (and-let* ((home (get-environment-variable "HOME")) + ((not (string=? home "")))) + (let ((fn (string-append (chop-separator home) "/" init-file))) + (when (file-exists? fn) + (load fn) ) ) ) ) (define (evalstring str #!optional (rec (lambda _ (void)))) (let ((in (open-input-string str))) (do ([x (read in) (read in)]) -- 1.7.12
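Review bot: The new guard in `loadinit` rejects only an unset or empty HOME, so a relative value such as `.` still makes `fn` resolve to `./.csirc`, which is the current-directory load this patch sets out to remove. Consider a third `and-let*` clause that requires an absolute path, e.g. `((absolute-pathname? home))`, provided that procedure from the files unit is usable in csi.scm (not visible from this hunk). A short comment above the binding, such as `;; Only $HOME/.csirc is loaded; never the current directory (untrusted code execution)`, would also help keep a later refactor from restoring the old fallback.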