Patrice Dumas wrote: > I have attched an updated version with the changes in indentation.
Applied. Thanks. > > - What's the point of the 'eval'? Can't you get rid of it? And if not, > > then make it safer by writing > > cmd="\\$SETLANG \\$MAKEINFO \\$commonarg --trace-includes \"\\$base\"" > > I am not competent enough to know what to do here, I just mimicked the > other MAKEINFO invokations. Indeed: if there is a problem with this new 'eval' occurrence, there is also a problem with the existing 'eval's. > I didn't as I think that it should not be changed at that occasion, but > rather all the $MAKEINFO invokations should be changed consistently. Agreed. Let's hope that it's not an exploitable vulnerability. Bruno
