bug#66390: `man' allows to inject arbitrary shell code

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#66390: `man' allows to inject arbitrary shell code

From:	Max Nikulin
Subject:	bug#66390: `man' allows to inject arbitrary shell code
Date:	Mon, 9 Oct 2023 22:12:34 +0700
User-agent:	Mozilla Thunderbird

On 08/10/2023 12:28, Eli Zaretskii wrote:

Date: Sun, 8 Oct 2023 10:37:33 +0700 From: Max Nikulin

I had in mind using at least `shell-quote-argument'.

That doesn't work with 'man', which has its own ideas about quoting,
besides shell-related quoting.

I see usage of `shell-quote-argument' for completion where shell is notinvolved. During formatting there is parsing of references with someregular expressions to get (X) section suffix, but I have not noticedquoting. Certainly the code relies on spaces passed literally andsubstituted into shell command directly. If there were page names withspaces it would be a problem.

I mean passing through `shell-quote-argument' each word returned by`Man-translate-references'


P.S.

(defun Man-translate-cleanup (string)
  "Strip leading, trailing and middle spaces."
   ^^^^^^^^^^^^^

(Man-translate-cleanup " w")
" w"

?

[Prev in Thread]

Current Thread

[Next in Thread]

bug#66390: `man' allows to inject arbitrary shell code, (continued)

Prev by Date: bug#66423: 30.0.50; `vc-hg-log-edit-toggle-amend' eat the last character in Summary
Next by Date: bug#66420: remove the omnipresent 'Services' sub-menu from all pop-up menus (macOS)
Previous by thread: bug#66390: `man' allows to inject arbitrary shell code
Next by thread: bug#66390: `man' allows to inject arbitrary shell code
Index(es):
- Date
- Thread