-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi.

I too still fail to see what's the actual problem. The test utility does
exactly what it's supposed to do.

Of course if you're using a poor method to parse the query string and
then pass the bits unchecked to "test" it could result in some weird
side effects.

I was once bitten by that, we spent hours to find a reasonably secure
approach to parse query strings with bash, only to find later that it
was easy to circumvent by setting "IFS" via the URL. So we extended the
function to skip IFS, only to see that ...&I\FS=... works too... d'oh.

Conclusion: Use a better tool (tm) for the job, always prefix vars to
avoid the possibility to pollute your current namespace, perform careful
input checking.

~ JoW
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkpjbPMACgkQdputYINPTPPWHACgm4lcahXSHiFxPqFk26iioDpG
TvcAoJtZEYo/fIUv4Mw644uAmfUtGbU5
=qi21
-----END PGP SIGNATURE-----
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
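
The conclusion of the message above (prefix variables, check input, and don't rely on skipping "IFS" by name), as an added example that is not part of the original post or of any OpenWrt code. The names parse_query, is_uint and the QS_ prefix are assumptions made for illustration, and values are deliberately left percent-encoded.

```shell
#!/bin/sh
# Added example; parse_query, is_uint and the QS_ prefix are hypothetical names.
LC_ALL=C    # make [A-Z]-style ranges in patterns mean ASCII only

parse_query() {
    _qs_rest=$1
    _qs_rejected=0
    while [ -n "$_qs_rest" ]; do
        # Split on '&' with parameter expansion, so IFS is never consulted.
        _qs_pair=${_qs_rest%%'&'*}
        case $_qs_rest in
            *'&'*) _qs_rest=${_qs_rest#*'&'} ;;
            *)     _qs_rest= ;;
        esac
        [ -n "$_qs_pair" ] || continue
        _qs_key=${_qs_pair%%=*}
        case $_qs_pair in
            *=*) _qs_val=${_qs_pair#*=} ;;
            *)   _qs_val= ;;
        esac
        # Allowlist the key instead of blocklisting "IFS": a backslash, '%',
        # '$' or space rejects the pair, so 'I\FS' is never assigned.
        case $_qs_key in
            ''|*[!A-Za-z0-9_]*) _qs_rejected=$((_qs_rejected + 1)); continue ;;
        esac
        # Fixed prefix: keys 'IFS' and 'PATH' land in QS_IFS and QS_PATH.
        # No eval; the value is a single quoted word and stays percent-encoded.
        export "QS_${_qs_key}=${_qs_val}"
    done
    return 0
}

# Input check to run before a value reaches test/[ or arithmetic.
is_uint() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
}

# Constructed sample query string (not taken from the thread).
parse_query 'page=12&IFS=x&I\FS=y&PATH=/tmp&n=1;reboot'
printf 'rejected=%s QS_page=%s QS_IFS=%s\n' "$_qs_rejected" "$QS_page" "$QS_IFS"
if is_uint "$QS_n"; then echo "n ok"; else echo "n rejected: not a number"; fi
```

Because keys are checked before any decoding, a percent-encoded key such as I%46S is rejected along with I\FS; decode values only after this step, and never decode keys.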
