[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
system() & user input
- From: "Andrew V. Samoilov" <kai cmail ru>
- To: Pavel Roskin <proski gnu org>, mc-devel gnome org
- Subject: system() & user input
- Date: Fri, 06 Sep 2002 17:48:56 +0300
There are some places in biultin editor, where systen() is called with
unchecked user input.
For example pipe_mail(), edit_sort_cmd() and edit_block_process_cmd() in
edit/editcmd.c, but user input is not checked. It will be nice to use
mc_doubleopen() there to prevent possible security and data loss issue
there.
--
Regards,
Andrew V. Samoilov.
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]