Hello, > Well, the HTML which htags generated with cgi option can't search on Win32 > Platform. > > I dig into the problem, I found that : > > htags/global.cgi : > open(PIPE, "-|") || exec '@globalpath@', '--result=ctags-xid', '-e', > $pattern; > > The problem is, the "-|" is not supported on Win32. > > So, I wrote this patch. > > Please review it.
It seems that the patch is vulnerable to the attack called 'OS command injection'. Since the method which uses 'open(PIPE, "-|") || exec' is safe in UNIX environment, I hesitate to change it. I will accept any patch for Windows if it works well without security hole and it doesn't influence UNIX environment. Anyway, thank you for your report. -- Shigio YAMAGUCHI <[EMAIL PROTECTED]> - Tama Communications Corporation PGP fingerprint: D1CB 0B89 B346 4AB6 5663 C4B6 3CA5 BBB3 57BE DDA3 _______________________________________________ Bug-global mailing list [email protected] http://lists.gnu.org/mailman/listinfo/bug-global
