On Sun, Jan 04, 2009 at 10:38:57PM -0800, Robert Spier wrote: > This is really just papering over the issue, as it doesn't actually > validate the contents of 'me', which could still potentially contain > bad data. But as this doesn't actually make anything *worse* and > fixes your case, applied as r967.
I'm not sure what "bad data" could be here. All we're going to do is print it out and hash it for the cram-md5 verification. The only problem was that we were using potentially unknown data in a format string, which is exactly what is fixed. > The "right" way to fix this is a lot more work involves abstracting > all the config stuff away behind a config validation layer. This case would still have been a problem, though, as config data might contain percent signs (probably not 'me', but if you are talking about a general config fix, it can't be foolproof for this type of problem). > I don't remember if we support taint mode in general or not. It's turned on by the #! line at the top of all of the scripts in the SVN repo. -Peff
