system() & user input
- From: "Andrew V. Samoilov" <kai cmail ru>
- To: Pavel Roskin <proski gnu org>, mc-devel gnome org
- Subject: system() & user input
- Date: Fri, 06 Sep 2002 17:48:56 +0300
There are some places in biultin editor, where systen() is called with
unchecked user input.
For example pipe_mail(), edit_sort_cmd() and edit_block_process_cmd() in
edit/editcmd.c, but user input is not checked. It will be nice to use
mc_doubleopen() there to prevent possible security and data loss issue
there.
--
Regards,
Andrew V. Samoilov.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
