This is the mail archive of the
insight-prs@sources.redhat.com
mailing list for the Insight project.
insight/61: insight doesn't properly quote saved preferences
- To: insight-gnats at sourceware dot cygnus dot com
- Subject: insight/61: insight doesn't properly quote saved preferences
- From: tromey at redhat dot com
- Date: 28 Nov 2000 16:58:29 -0000
- Reply-To: tromey at redhat dot com
>Number: 61
>Category: insight
>Synopsis: insight doesn't properly quote saved preferences
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: unassigned
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Nov 28 09:03:00 PST 2000
>Closed-Date:
>Last-Modified:
>Originator: Tom Tromey
>Release: unknown-1.0
>Organization:
>Environment:
>Description:
The preference quoting code (escape_value and
unescape_value in prefs.tcl) is not safe. It
doesn't guarantee that an input string will correctly
be recreated. For instance the string "!%" will
be incorrectly transformed to "=" when read.
One fix would be to use a smarter encoding, for instance
the URL encoding.
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: