Quoting Michael Van Canneyt <[EMAIL PROTECTED]>:

> On Mon, 22 Aug 2005, Mattias Gaertner wrote:
>
> > On Mon, 22 Aug 2005 10:45:04 +0300
> > Ido Kanner <[EMAIL PROTECTED]> wrote:
> >
> >> Hello all,
> >>
> >> There is a security advisory regarding SynEdit.
> >>
> >> Don't worry, it's not that bad :)
> >
> > Yes it is.

Well, as security issues go, it is not bad. I would rate it low, and if I had a lower rating it would be there instead :) The reason is that it just hides information... it does not do anything else. It is not a DoS or a buffer overflow, and it does not hurt anything... it only hides information...

> >> It seems that by placing NULL zero chars inside a text file, you can
> >> hide from that point, the rest of the file content. That way I can give
> >> you a code that may seem like implementing something X but hide more code
> >> that will be compiled at the end by a programming language etc...
> >>
> >> The advisory btw was reported at: http://rgod.altervista.org/syn.html
> >>
> >> BTW I hope that there will be many more security advisories for Pascal based
> >> programs/components. That way we will know that more and more people use
> >> this type of programs (Now I open Pandora's box) :)
> >
> > I fixed TSynPasSyn and TSynPHPSyn. Probably the other highlighters also have
> > the problem.
> >
> > But what is more troubling is that the FCL TStrings, TStringList stop at #0
> > and some parts of SynEdit too. Because of this you can lose code and that's
> > pretty bad.

There should be a filter for a null-terminated string that will convert it to a #0 string or will just remove it... In PHP it is more severe.

> I don't see how you can lose code. If there is a #0 somewhere in your source,
> the compiler won't compile it, this is for sure.

You do not lose code... you only do not see it. Let's assume you wrote PHP code, for example:

    <?php echo "hello world"; php?> #0 <?php `rm -rf /`; php?>

You will not see the "`" chars and the execution itself...

> What is more, Delphi has the same behaviour.

It's the way strings behave. In Delphi it meant that you cannot concatenate a string with "#0" without removing that char. And it seems that FPC has the same behavior.

> But the FCL should be fixed, this is for sure.
>
> Michael.

Ido
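
A check along the lines of the filter suggested in this thread, as an added example that is not part of the original message and not SynEdit or FCL code: it locates NUL (#0) characters in a file's bytes, shows which text a viewer that stops at the first #0 would leave out, and strips them. The function names and the sample input are assumptions constructed for illustration.

```python
import codecs

# Constructed sample: PHP-like text with one NUL between a visible and a hidden part.
SAMPLE = b'<?php echo "hello world"; ?>\n\x00<?php echo "not shown"; ?>\n'


def to_text(data: bytes) -> str:
    """Decode so that only real NUL characters remain as '\\0'.
    UTF-16 files legitimately contain 0x00 bytes, so honour a UTF-16 BOM first."""
    if data.startswith((codecs.BOM_UTF16_LE, codecs.BOM_UTF16_BE)):
        return data.decode("utf-16", errors="replace")
    # latin-1 maps every byte to exactly one character, so nothing is lost
    return data.decode("latin-1")


def find_nuls(data: bytes) -> list[tuple[int, int]]:
    """Return (line, column) of every NUL character, both 1-based."""
    hits = []
    for lineno, line in enumerate(to_text(data).split("\n"), start=1):
        hits += [(lineno, col + 1) for col, ch in enumerate(line) if ch == "\0"]
    return hits


def split_at_first_nul(data: bytes) -> tuple[str, str]:
    """Return (visible, hidden): what a viewer that stops at the first #0
    displays, and what it leaves out."""
    visible, _, hidden = to_text(data).partition("\0")
    return visible, hidden


def strip_nuls(data: bytes) -> str:
    """The filter suggested in the thread: drop every NUL character."""
    return to_text(data).replace("\0", "")


if __name__ == "__main__":
    for line, col in find_nuls(SAMPLE):
        print(f"NUL at line {line}, column {col}")
    visible, hidden = split_at_first_nul(SAMPLE)
    print("visible:", repr(visible))
    print("hidden: ", repr(hidden))
```

Run over files received from others before opening them in an editor, a non-empty `find_nuls` result is the signal to inspect the `hidden` part in a hex viewer.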
