Re: [Chicken-hackers] CHICKEN in production

2014-10-13 Thread Florian Zumbiehl
Hi, The danger could be avoided by a taint bit: if the string is known to not contain \0, it can be passed directly. Otherwise, it needs to be checked and marked if it's safe. If it's unsafe, an exception can be thrown. IMO the better approach is simply to forbid NUL in strings

Re: [Chicken-hackers] CHICKEN in production

2014-10-13 Thread Florian Zumbiehl
Hi, Take JSON as an example: JSON character strings can encode NULs, so if CHICKEN were to reject NULs in character strings, you could not write a JSON parser in CHICKEN. That's technically true, but where will you find a JSON document in the wild that contains \u? JSON parsers

Re: [Chicken-hackers] CHICKEN in production

2014-10-13 Thread Florian Zumbiehl
Hi, JSON is an interesting example since it started out as a potential security issue because it was proposed before parsers existed, and there was a tendency to just use Eval to parse. Maybe not the best place to look for safe coding practices. I don't really get what your point is here?!

Re: [Chicken-hackers] [PATCH] Avoid context switch during TCP errno reporting

2013-03-21 Thread Florian Zumbiehl
Hi, Doing a real READY? procedure is IMHO not going to work without a single-fd poll. ioctl(FIONREAD)? Regards, Florian ___ Chicken-hackers mailing list Chicken-hackers@nongnu.org https://lists.nongnu.org/mailman/listinfo/chicken-hackers

Re: [Chicken-hackers] [PATCH 3/4] Remove ##sys#expand-home-path.

2013-03-18 Thread Florian Zumbiehl
Hi, If we keep the ~-expansion, any safe code that uses the filesystem API will have to resort to tricks like (operation (if (absolute-pathname? the-path) the-path (make-pathname (current-directory) the-path))) to guard against input that would cause

Re: [Chicken-hackers] [PATCH] ##sys#read: don't drop first character of octal escape in error msg

2013-03-17 Thread Florian Zumbiehl
Hi, Would what git format-patch's --attach produces help you? Not sure whether that actually would work with my workflow, but I could try it ... I don't know what that will do, but maybe you can give it a try on your next patch. As long as it produces an email that looks like everyone

[Chicken-hackers] [PATCH 1/2] tcp: disable interrupts

2013-03-16 Thread Florian Zumbiehl
Add (declare (disable-interrupts)) to tcp so that errno doesn't get changed at inappropriate points during execution. --- I don't really have a clue whether this is the correct way to do it, but the code that was breaking before is not breaking anymore with this patch applied ... tcp.scm |1

[Chicken-hackers] [PATCH 2/2] tcp: fix file descriptor leaks and don't clobber errno

2013-03-16 Thread Florian Zumbiehl
Fix file descriptor leaks in tcp that happen in case of exceptions before ports or a listener get returned to the caller. Also, save and restore errno around the cleanup close() calls so that the error messages report the original failure even if close() modified errno. --- tcp.scm | 66

[Chicken-hackers] [PATCH 4/4] files split-directory: don't split on backslashes on non-windows

2013-03-15 Thread Florian Zumbiehl
--- files.scm |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/files.scm b/files.scm index 54beacf..706d103 100644 --- a/files.scm +++ b/files.scm @@ -412,7 +412,7 @@ EOF (define split-directory (lambda (loc dir keep?) (##sys#check-string dir loc) -

[Chicken-hackers] [PATCH 3/4] Remove ##sys#expand-home-path.

2013-03-15 Thread Florian Zumbiehl
Remove ##sys#expand-home-path as shell expansion has no place in a filesystem API. --- Feel free to disagree--I thought it's better to start with an actual patch than with a purely theoretical discussion of the issue. eval.scm |2 - files.scm|3 +- library.scm

Re: [Chicken-hackers] [PATCH 2/4] csi: fix untrusted code execution by (load)ing ./.csirc

2013-03-15 Thread Florian Zumbiehl
Hi, On Fri, Mar 15, 2013 at 06:58:42AM +0100, Florian Zumbiehl wrote: Remove (load)ing of ./.csirc on csi startup as it can lead to execution of untrusted code. This is pretty serious. I'll request a CVE and issue an advisory shortly, once this patch has gone in. Attached is a slightly

[Chicken-hackers] [PATCH] tcp-listen: allow port 65535

2013-03-15 Thread Florian Zumbiehl
Port 65535 is a perfectly valid TCP port which so far was rejected by tcp-listen. --- tcp.scm |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tcp.scm b/tcp.scm index 5a9e2e1..cc68def 100644 --- a/tcp.scm +++ b/tcp.scm @@ -251,7 +251,7 @@ EOF (define (##net#bind-socket

[Chicken-hackers] [PATCH 1/2] write: escape DEL character in strings

2013-03-05 Thread Florian Zumbiehl
Encode DEL (ASCII character 127) in strings as \x7f instead of as literal DEL in write. --- library.scm |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/library.scm b/library.scm index 27d543f..89eb6bd 100644 --- a/library.scm +++ b/library.scm @@ -3301,7 +3301,8 @@ EOF

[Chicken-hackers] [PATCH 2/2] extras/pretty-print: escape control characters in strings

2013-03-05 Thread Florian Zumbiehl
Make pretty-print encode control characters in strings as escape sequences rather than as literal bytes, the same way write does it. --- extras.scm | 29 +++-- 1 files changed, 19 insertions(+), 10 deletions(-) diff --git a/extras.scm b/extras.scm index 0e8b144..8cdbf4a

[Chicken-hackers] [patch] Bind: parsing of pointers to const

2013-02-17 Thread Florian Zumbiehl
Hi, currently, the bind egg parses const char * as (const (c-pointer char)), even though that's the type signature of a pointer to constant characters and not of a constant pointer to characters. The patch below fixes that--though I am not sure whether the parsing strategy wouldn't actually need

[Chicken-hackers] [patch] utils: qs not escaping pipes

2013-02-17 Thread Florian Zumbiehl
Hi, I noticed that qs doesn't escape pipe characters. I suggest the patch below, which not only makes it so that pipes get escaped, but it also switches away from the blacklist approach, which invariably doesn't work ;-) Regards, Florian