Hi hhaamu,
* [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2008-01-27 20:37]:
> Comix uses insufficient shell escaping when calling external programs
> (rar/unrar, jpegtran)
>
>
> 6280     files = \
> 6281         os.popen(self.rar + ' vb "' + path +
> 6282         '"').readlines()
>
>
> 6305     os.popen(self.rar + ' p -inul -- "' + path + '" "' +
> 6306         cover + '" > "' + thumb_dir +
> 6307         '/temp" 2>/dev/null', "r").close()
>
>
> 8736     os.popen(
> 8737         self.rar + ' x "' + src_path + '" "' + dst_path + '"')
>
>
> 9171     os.popen(self.jpegtran + ' -copy all -trim ' + operation +
> 9172         ' -outfile "' + self.file[self.file_number] + '" "' +
> 9173         self.file[self.file_number] + '"')
>
> This all bombs out when faced with file or directory names that contain
> the double quote character (") or a backslash.

Confirmed this issue, requesting a CVE id for this.

Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
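
Added example, not part of the thread and not Comix code: it rebuilds the command string the way the quoted line 6281 does, shows how a POSIX shell would split it for a name containing a double quote or ending in a backslash, and contrasts that with an argument vector passed without a shell. The sample file names are constructed, the helper names are hypothetical, and the child process is the running Python interpreter standing in for rar.

```python
import json
import shlex
import subprocess
import sys

# Constructed sample names (not from the report): one with a double quote,
# one ending in a backslash, the two characters the report singles out.
QUOTE_NAME = 'a"; echo INJECTED; "b.cbr'
BACKSLASH_NAME = 'issue1\\'


def popen_style_command(rar, path):
    """Command string concatenated the way the quoted line 6281 does."""
    return rar + ' vb "' + path + '"'


def shell_tokens(command):
    """Split a command roughly as a POSIX shell would; ; | & stay operators."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)


def hardened_argv(rar, path):
    """Argument vector for subprocess without a shell; '--' ends options."""
    return [rar, "vb", "--", path]


def argv_seen_by_child(argv):
    """Run a stand-in child (this Python, not rar); return the argv it got."""
    echo = "import json, sys; print(json.dumps(sys.argv[1:]))"
    done = subprocess.run([sys.executable, "-c", echo] + argv[1:],
                          capture_output=True, text=True, check=True)
    return json.loads(done.stdout)


if __name__ == "__main__":
    # The quote in the name closes the string early: ';' becomes an operator.
    print(shell_tokens(popen_style_command("rar", QUOTE_NAME)))
    try:
        # The trailing backslash escapes the closing quote: unterminated string.
        shell_tokens(popen_style_command("rar", BACKSLASH_NAME))
    except ValueError as exc:
        print("unparseable command:", exc)
    # Without a shell the name arrives as one unmodified argument.
    print(argv_seen_by_child(hardened_argv("rar", QUOTE_NAME)))
```

For calls like the quoted line 6305 that rely on shell redirection, the same argument-vector form works with the `stdout=` and `stderr=` parameters of `subprocess.run` in place of `>` and `2>/dev/null`.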