Stuart Henderson said: > On 2016/02/02 21:58, Landry Breuil wrote: > > Oh, and the code in src/int/file_magic.c even has a fallback to use file > > %s -b --mime-type called via popen().. > > It would be nice to kill the other options and use file(1) from base > as the only detection method, it is *loads* safer.
Well, the actual code is: | snprintf(command, sizeof(command), "file \"%s\" -b --mime-type", filename); Note double quotes. Of course no quoting is performed on filename. Thus: 1. If filename contains double quote, vifm sigfaults. 2. If filename is nasty, nasty things happen. Eg. I renamed a png image to "$(echo text)", and vifm opened it in vi. I guess filename "`doas rm -Rf $HOME/*`" will also pleasantly surprise user. -- Dmitrij D. Czarkoff
