bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability

From:	Stefan Kangas
Subject:	bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability
Date:	Fri, 25 Nov 2022 00:56:32 -0800

"lux" <lx@shellcodes.org> writes:

>> Hmm, I'm not sure about the hard-coded 512 character line limit here.
>> ISTR that some people use much longer lines than that.
>
> Hi, do you have any suggestions? At present, I think hardcoding 512 is
> enough, thanks :-)

No idea, really.  2^16?  2^20?

But why not allocate it dynamically, getting rid of any such arbitrary
limits?  AFAIU, grep (which we used before) doesn't have such limits, so
I fear that we otherwise risk introducing regressions.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, lux, 2022/11/24
- bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Eli Zaretskii, 2022/11/24
  - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Stefan Kangas, 2022/11/24
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Eli Zaretskii, 2022/11/24
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, lux, 2022/11/24
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, lux, 2022/11/25
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Stefan Kangas, 2022/11/25
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, lux, 2022/11/25
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Stefan Kangas <=
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Eli Zaretskii, 2022/11/25
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Eli Zaretskii, 2022/11/25
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, lux, 2022/11/25
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Stefan Kangas, 2022/11/25
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, lux, 2022/11/25
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, lux, 2022/11/25
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Stefan Kangas, 2022/11/26
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Eli Zaretskii, 2022/11/26
    - Message not available
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Eli Zaretskii, 2022/11/26
    - bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability, Stefan Kangas, 2022/11/26

Prev by Date: bug#59565: Eglot should use file uris
Next by Date: bug#59565: Eglot should use file uris
Previous by thread: bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability
Next by thread: bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability
Index(es):
- Date
- Thread