bug#61201: Installation hint crashes when user names contain at sign

2023-02-24 Thread Csepp


Ludovic Courtès writes:

> Ludovic Courtès writes:
>
>> A funny thing was reported earlier today on the Café Guix channel:
>>
>> $ guix install hello  [17:52]
>> building profile with 5 packages...
>> hint: Backtrace:
>
> [...]
>
>> In guix/ui.scm:
>>     312:5  6 (display-hint _ )
>>   1451:24  5 (texi->plain-text )
>> In texinfo.scm:
>>   1132:22  4 (parse )
>>    980:31  3 (loop # (fragment) _ _ )
>>    967:36  2 (loop # #f # ?)
>>      92:2  1 (command-spec )
>> In ice-9/boot-9.scm:
>>   1685:16  0 (raise-exception _ #:continuable? )
>>
>> ice-9/boot-9.scm:1685:16: In procedure raise-exception:
>> Throw to key `parser-error' with args `(#f "Unknown command" univ)'.
>
> Here’s one way to reproduce the bug, showing a crash in ‘display-hint’
> due to an unescaped brace:
>
> $ mkdir /tmp/x{ample
> $ touch /tmp/x{ample/guix.scm
> $ (cd '/tmp/x{ample' ; guix shell)
> guix shell: error: not loading '/tmp/x{ample/guix.scm' because not authorized to do so
> hint: Backtrace:
>   13 (primitive-load "/home/ludo/.config/guix/current/bin/guix")
> In guix/ui.scm:
>    2279:7 12 (run-guix . _)
>   2242:10 11 (run-guix-command _ . _)
> In ice-9/boot-9.scm:
>   1752:10 10 (with-exception-handler _ _ #:unwind? _ #:unwind-for-type _)
> In guix/scripts/shell.scm:
>    308:15  9 (_)
> In guix/ui.scm:
>     312:5  8 (display-hint _ _)
>   1451:24  7 (texi->plain-text _)
> In texinfo.scm:
>   1132:22  6 (parse _)
>    980:31  5 (loop # (*fragment*) _ _ _)
>    980:31  4 (loop # #f _ _ _)
>    911:31  3 (loop # #f # #f _)
>    746:27  2 (_ # #f (example smallexample verbatim lisp smalllisp menu w %) # …)
> In sxml/ssax/input-parse.scm:
>      88:2  1 (next-token _ _ _ _)
> In ice-9/boot-9.scm:
>   1685:16  0 (raise-exception _ #:continuable? _)
>
> ice-9/boot-9.scm:1685:16: In procedure raise-exception:
> Throw to key `parser-error' with args `(# "EOF while reading a token " "reading char data")'.
>
> Ludo’.

Would it be heresy to recommend that plain strings and strings that
contain texinfo markup be separate types to catch this sort of thing?
In 2023 it's pretty embarrassing to have bugs that are basically SQL
injections.





bug#61201: Installation hint crashes when user names contain at sign

2023-02-24 Thread Ludovic Courtès
Ludovic Courtès writes:

> A funny thing was reported earlier today on the Café Guix channel:
>
> $ guix install hello  [17:52]
> building profile with 5 packages...
> hint: Backtrace:

[...]

> In guix/ui.scm:
>     312:5  6 (display-hint _ )
>   1451:24  5 (texi->plain-text )
> In texinfo.scm:
>   1132:22  4 (parse )
>    980:31  3 (loop # (fragment) _ _ )
>    967:36  2 (loop # #f # ?)
>      92:2  1 (command-spec )
> In ice-9/boot-9.scm:
>   1685:16  0 (raise-exception _ #:continuable? )
>
> ice-9/boot-9.scm:1685:16: In procedure raise-exception:
> Throw to key `parser-error' with args `(#f "Unknown command" univ)'.

Here’s one way to reproduce the bug, showing a crash in ‘display-hint’
due to an unescaped brace:

--8<---cut here---start->8---
$ mkdir /tmp/x{ample
$ touch /tmp/x{ample/guix.scm
$ (cd '/tmp/x{ample' ; guix shell)
guix shell: error: not loading '/tmp/x{ample/guix.scm' because not authorized to do so
hint: Backtrace:
  13 (primitive-load "/home/ludo/.config/guix/current/bin/guix")
In guix/ui.scm:
   2279:7 12 (run-guix . _)
  2242:10 11 (run-guix-command _ . _)
In ice-9/boot-9.scm:
  1752:10 10 (with-exception-handler _ _ #:unwind? _ #:unwind-for-type _)
In guix/scripts/shell.scm:
   308:15  9 (_)
In guix/ui.scm:
    312:5  8 (display-hint _ _)
  1451:24  7 (texi->plain-text _)
In texinfo.scm:
  1132:22  6 (parse _)
   980:31  5 (loop # (*fragment*) _ _ _)
   980:31  4 (loop # #f _ _ _)
   911:31  3 (loop # #f # #f _)
   746:27  2 (_ # #f (example smallexample verbatim lisp smalllisp menu w %) # …)
In sxml/ssax/input-parse.scm:
     88:2  1 (next-token _ _ _ _)
In ice-9/boot-9.scm:
  1685:16  0 (raise-exception _ #:continuable? _)

ice-9/boot-9.scm:1685:16: In procedure raise-exception:
Throw to key `parser-error' with args `(# "EOF while reading a token " "reading char data")'.
--8<---cut here---end--->8---

Ludo’.





bug#61201: Installation hint crashes when user names contain at sign

2023-01-31 Thread Ludovic Courtès
A funny thing was reported earlier today on the Café Guix channel:

--8<---cut here---start->8---
$ guix install hello  [17:52]
building profile with 5 packages...
hint: Backtrace:
  17 (primitive-load "/usr/local/bin/guix")
In guix/ui.scm:
   2279:7 16 (run-guix . )
  2242:10 15 (run-guix-command _ . )
In ice-9/boot-9.scm:
  1752:10 14 (with-exception-handler _ _ #:unwind? _ # )
In guix/status.scm:
    835:3 13 ()
    815:4 12 (call-with-status-report _ )
In guix/store.scm:
   1300:8 11 (call-with-build-handler _ )
   1300:8 10 (call-with-build-handler # ?)
In guix/build/syscalls.scm:
   1440:3  9 ()
   1407:4  8 (call-with-file-lock/no-wait _ _ )
In guix/scripts/package.scm:
    325:7  7 (build-and-use-profile _ "/var/guix/profiles/per-user/?" ?)
In guix/ui.scm:
    312:5  6 (display-hint _ )
  1451:24  5 (texi->plain-text )
In texinfo.scm:
  1132:22  4 (parse )
   980:31  3 (loop # (fragment) _ _ )
   967:36  2 (loop # #f # ?)
     92:2  1 (command-spec )
In ice-9/boot-9.scm:
  1685:16  0 (raise-exception _ #:continuable? )

ice-9/boot-9.scm:1685:16: In procedure raise-exception:
Throw to key `parser-error' with args `(#f "Unknown command" univ)'.
--8<---cut here---end--->8---

This is because the user name ends in “@univ…”, which ‘display-hint’
interprets as Texinfo.

Ludo’.
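
Added example, not part of the thread and not Guix's own code: a Guile sketch of the separation proposed in the 2023-02-24 reply, applied to the cause given in the original report (a value containing `@` or `{` reaching the Texinfo parser). The names `<texi>`, `escape-texi`, `texi-format` and `render-hint` are hypothetical; `texi-fragment->stexi` and `stexi->plain-text` are Guile's own procedures, and the inputs are constructed.

```scheme
;; Added example: not Guix's code.  <texi>, escape-texi, texi-format and
;; render-hint are hypothetical names.
(use-modules (srfi srfi-9)
             (texinfo)                  ;texi-fragment->stexi
             (texinfo plain-text))      ;stexi->plain-text

;; A string that has been vetted as Texinfo markup.  Plain strings never
;; reach the parser unless they pass through 'texi-format' below.
(define-record-type <texi>
  (make-texi source)
  texi?
  (source texi-source))

(define (escape-texi str)
  "Return STR with '@', '{' and '}' prefixed by '@' so they render literally."
  (call-with-output-string
    (lambda (port)
      (string-for-each (lambda (chr)
                         (when (memv chr '(#\@ #\{ #\}))
                           (write-char #\@ port))
                         (write-char chr port))
                       str))))

(define (texi-format template . args)
  "Fill the '~a' slots of TEMPLATE, trusted markup written by the developer,
with ARGS.  <texi> values are spliced as is; anything else is escaped."
  (make-texi
   (apply format #f template
          (map (lambda (arg)
                 (cond ((texi? arg) (texi-source arg))
                       ((string? arg) (escape-texi arg))
                       (else (escape-texi (object->string arg)))))
               args))))

(define (render-hint markup)
  "Render MARKUP as plain text; refuse plain strings outright."
  (unless (texi? markup)
    (error "plain string passed where Texinfo markup is required:" markup))
  (stexi->plain-text (texi-fragment->stexi (texi-source markup))))

;; Constructed inputs: the directory from the reproducer and a made-up
;; user name containing an at sign.
(display (render-hint
          (texi-format "Directory @file{~a}, profile of user @code{~a}.~%"
                       "/tmp/x{ample" "alice@univ.example")))
```

Passing the same message as a bare string to `render-hint` raises an error at the call site instead of a `parser-error` deep inside the Texinfo parser.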