[patch] alpha_strcpy for HEAD

Andrew Bartlett abartlet at pcug.org.au
Fri Jan 18 02:57:02 GMT 2002

Alexander Bokovoy wrote:
> On Fri, Jan 18, 2002 at 08:17:44PM +1100, Andrew Bartlett wrote:
> > > This patch just allow consider _all_ letters (including multibute ones
> > > in e.g. UTF-8) as valid symbols.
> > Can you tell me that all letters won't include \ ' / " * @ ! .. within
> > that multibyte sequence?
> >
> > Can you tell me that they wont include a byte of value 255?  That it
> > won't inlude *any shell metacharacter*?
> Please note that byte of value 255 is _valid_ letter (CYRILLIC SMALL
> LETTER YA, <U044F>) in encoding CP1251 which is native Unix encoding for
> Bulgarian and Belarusian langauges. Disabling it you're risking to break
> support for those languages at all.

This makes my point rather well actually.

If sombody sends us this (special to some shells) char what should we
do?  Its a perfectly vaild char that we don't want to mess with, but it
could also allow an exploit on particualr systems in particuar

This is why I think we need a better way to 'vet' this incoming data. 

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba-technical mailing list