[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#930908: general: incorrect rules for %s in /etc/mailcap yielding potentially unquoted metacharacters

On 2019-06-22 10:51:35 +0200, Vincent Lefevre wrote:
>   execve("/home/vinc17/bin/sh.screen", ["sh", "-c", "less ''/var/tmp/_.txt''"], 0x564ffe666f40 /* 132 vars */) = 0
> 
> i.e. the filename is eventually not quoted!
> 
> Here the filename is sanitized, but I'm not sure that this is always
> the case (there's a mailcap_sanitize option that can be set to "no",
> even though this is strongly discouraged). [...]

After reading the Mutt code, %s is not affected by this
mailcap_sanitize option: there is no attempt to sanitize
the filename in rfc1524.c, probably because the filename
is expected to have been sanitized earlier, but I don't
know whether this is always the case.

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
Reply to: