Bug#433900: gocr: call to shell with unquoted user-supplied filenames

Cosimo Alfarano Fri, 18 Jul 2008 09:21:57 -0700

The problem is still there even in version 0.45 as in src/pnm.c line157:


        /* potential security vulnerability, if name contains tricks */
        /* example: gunzip -c dummy | rm -rf * */
        fp = popen(buf, "r");


the upstream is aware of it.

C.
--
Cosimo Alfarano <[EMAIL PROTECTED]>







--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#433900: gocr: call to shell with unquoted user-supplied filenames

Reply via email to