This is the mail archive of the insight-prs@sources.redhat.com mailing list for the Insight project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

insight/61: insight doesn't properly quote saved preferences



>Number:         61
>Category:       insight
>Synopsis:       insight doesn't properly quote saved preferences
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    unassigned
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Nov 28 09:03:00 PST 2000
>Closed-Date:
>Last-Modified:
>Originator:     Tom Tromey
>Release:        unknown-1.0
>Organization:
>Environment:

>Description:
The preference quoting code (escape_value and
unescape_value in prefs.tcl) is not safe.  It
doesn't guarantee that an input string will correctly
be recreated.  For instance the string "!%" will
be incorrectly transformed to "=" when read.

One fix would be to use a smarter encoding, for instance
the URL encoding.
>How-To-Repeat:

>Fix:

>Release-Note:
>Audit-Trail:
>Unformatted:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]