e075483771
system(3) calls where user-supplied data is used with no sanity checking. Since ctags(1) is not setuid and is not likely to be used in a privileged situation, this is not a big deal. However, the fix is relatively easy and less ugly than the current code, let's be safe. (I'm sure there are about 2^134 other system(3) calls like this out there.) [0] On freebsd-security by Roman Bogorodskiy <bogorodskiy@inbox.ru> with subject "ctags(1) command execution vulnerability." MFC after: 3 days |
||
---|---|---|
.. | ||
test | ||
C.c | ||
ctags.1 | ||
ctags.c | ||
ctags.h | ||
fortran.c | ||
lisp.c | ||
Makefile | ||
print.c | ||
tree.c | ||
yacc.c |