On Fri, Jun 21, 2019 at 02:09:53PM -0700, Kevin J. McCarthy wrote:
The issue, though, is that the filename isn't always under the user's control. It has been a very long time without issue, but is there a possibility of program argument abuse that could lead to a security issue here?
Bah. Thanks everyone for your feedback. I did miss something: the output is sent through to mutt_rfc1524_expand_filename() -> mutt_adv_mktemp() which will create the file under $tmpdir. Even if that is empty, the filename will start with "/".
I'll review all the use cases, but I think we're okay.I don't think %t and %{} require special consideration but will think about them a bit more too.
-- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
signature.asc
Description: PGP signature
