Hello all,
Though I don't know about Windows's shell,
I think that there is a possibility including a security hole.
For safety ensuring, let me comment out the code.
Those who thinks it is safe will be able to uncomment easily.
#if ($^O eq 'MSWin32') {
# open(PIPE, "$global_command" . " --result=ctags-xid $flags $pattern
|");
#} else {
...
#}
Regards,
Shigio
2016-03-09 14:55 GMT+09:00 Shigio YAMAGUCHI <[email protected]>:
> Hello specialists of Windows,
>
> Doesn't the following code have a security hole on WIndows?
>
> [global.cgi]
> if ($^O eq 'MSWin32') {
> open(PIPE, "/usr/local/bin/global" . " --result=ctags-xid $flags
> $pattern |");
> } ...
> [completion.cgi]
> if ($^O eq 'MSWin32') {
> open(PIPE, "/usr/local/bin/global" . " -${flags}e $q |");
> } ...
>
> Though GNU GLOBAL does not support Windows, we need to get rid of
> dangerous code.
> Thank you in advance.
>
> Regards,
> Shigio
>
> --
> Shigio YAMAGUCHI <[email protected]>
> PGP fingerprint: D1CB 0B89 B346 4AB6 5663 C4B6 3CA5 BBB3 57BE DDA3
>
--
Shigio YAMAGUCHI <[email protected]>
PGP fingerprint: D1CB 0B89 B346 4AB6 5663 C4B6 3CA5 BBB3 57BE DDA3
_______________________________________________
Bug-global mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/bug-global
