Although I'm not experienced developer of Windows, I will check.B ut my reply would be in next week (because now I'm out of my office). Anyway, I prefer the removal of Ghostscript dependency...
Regards, mpsuzuki Albert Astals Cid wrote: > You can do > pdftohtml -c -dev 'jpeg /dev/null;cat /etc/passwd;#' /path/to/some/pdf/fil > and voila, you'll get your /etc/passwd printed on screen > > Definitely not nice. > > This is because we are using plain system() to run the gs command and it's > easy to inject stuff there > > The poors man solution is trying to escape the strings but it's really > impossible. > > The real solution is moving to a fork+exec solution (path attached). > > The problem with that is that we loose support for platforms with system() > and without fork+exec (Windows). > > So here comes my question, anyone with Windows experience can implement a > path for my patch that works fine? > > Another solution would be just killing the gs invokation from pdftohtml since > i don't really see it's point. > > Comments? > > Cheers, > Albert > > > ------------------------------------------------------------------------ > > _______________________________________________ > poppler mailing list > [email protected] > http://lists.freedesktop.org/mailman/listinfo/poppler _______________________________________________ poppler mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/poppler
