From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Emanuel Berg via Users list for the GNU Emacs text editor Newsgroups: gmane.emacs.help Subject: Re: Printf and quoting in general, SQL injection in particular Date: Sat, 26 Jun 2021 09:57:48 +0200 Message-ID: <871r8p2h37.fsf@zoho.eu> References: <87pmwgdiyj.fsf@zoho.eu> <83y2b3tq07.fsf@gnu.org> <871r8vcrnm.fsf@posteo.net> <20210621141148.GA29347@tuxteam.de> <87zgvjcgh6.fsf@zoho.eu> <87h7hqviu4.fsf@zoho.eu> <87eecp2k6l.fsf@zoho.eu> Reply-To: Emanuel Berg Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="25280"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux) To: help-gnu-emacs@gnu.org Cancel-Lock: sha1:q+/QroGSltB3VWBfBcDWk2EV9jI= Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane-mx.org@gnu.org Sat Jun 26 09:58:30 2021 Return-path: Envelope-to: geh-help-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lx3Cv-0006OD-7v for geh-help-gnu-emacs@m.gmane-mx.org; Sat, 26 Jun 2021 09:58:29 +0200 Original-Received: from localhost ([::1]:47282 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lx3Cu-0005PW-7D for geh-help-gnu-emacs@m.gmane-mx.org; Sat, 26 Jun 2021 03:58:28 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:58518) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lx3Cc-0005PO-Ei for help-gnu-emacs@gnu.org; Sat, 26 Jun 2021 03:58:10 -0400 Original-Received: from ciao.gmane.io ([116.202.254.214]:40874) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lx3CQ-000528-Cj for help-gnu-emacs@gnu.org; Sat, 26 Jun 2021 03:58:10 -0400 Original-Received: from list by ciao.gmane.io with local (Exim 4.92) (envelope-from ) id 1lx3CP-0005dF-0r for help-gnu-emacs@gnu.org; Sat, 26 Jun 2021 09:57:57 +0200 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: help-gnu-emacs@gnu.org Mail-Copies-To: never Received-SPF: pass client-ip=116.202.254.214; envelope-from=geh-help-gnu-emacs@m.gmane-mx.org; helo=ciao.gmane.io X-Spam_score_int: -15 X-Spam_score: -1.6 X-Spam_bar: - X-Spam_report: (-1.6 / 5.0 requ) BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: help-gnu-emacs@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Users list for the GNU Emacs text editor List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "help-gnu-emacs" Xref: news.gmane.io gmane.emacs.help:131248 Archived-At: Yuri Khan wrote: >> Relax, this notion that you shouldn't construct file paths >> by string functions, nor SQL queries for that matter, and >> what more? hyperlinks? > > Hyperlinks, too. > > One of the requirements of URLs is that all non-ascii and > some ascii characters be %-encoded when used in the path or > query string, or punycode-encoded when used in the host > name: > > (let ((base "http://ru.wikipedia.org/wiki/") > (term "Гиперссылка") > (joined (concat base term))) > (assert (string= joined > "https://ru.wikipedia.org/wiki/%D0%93%D0%B8%D0%BF%D0%B5%D1%80%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D0%B0"))) > ;; alas, no > > Another rule is that resolving a relative reference > containing a path against a base URL will drop the last > segment of the base: > > (let ((base "http://example.org/foo") > (href "bar") > (resolved (concat base href))) > (assert (string= resolved "http://example.org/bar"))) ;; also no > > String concat does not know any of these rules. > > It is okay to represent file names, SQL queries, and URLs as > strings *internally*. It is okay to use string functions to > implement high-level domain-specific functions. In many > cases, interoperating with external code will also require > these things represented as strings. But it is a good idea > to use domain-specific functions to manipulate file names, > queries, and URLs, rather than string functions, because > this way you are less likely to violate those > types’ invariants. Interesting, what about typing? Not as error prone, because you see the result? So it is like a three stage hierarchy or procedure rather, 1. typing (just type, you see it anyway) 2. manipulate (domain-specific functions) 3. use (For hyperlinks, step 1 could be done with a lot of functions (protocol (domain (path (page (page-type ...) ? That'd just be grotesque. I don't know if that'd be more safe, really?) But OK, so instead of "anything goes, then verify input at step 3" - which is where it matters BTW - the approach is _type carefully_, then just exclusively use domain-specific manipulators. So all you have to care about is the typing part, because after that, it won't get messed up! I see the point, but - to be honest, string manipulation at this very basic level - and typing - I don't know, I feel kind of comfortable doing BOTH by now :) But never say never... I still don't understand what to replace my stuff with tho, (let*((emacs-dir "~/.emacs.d") (lisp-dir (format "%s/lisp" emacs-dir)) (init-dir (format "%s/emacs-init" emacs-dir)) (erc-dir (format "%s/erc" init-dir)) (gnus-dir (format "%s/gnus" init-dir)) (ide-dir (format "%s/ide" init-dir)) (w3m-dir (format "%s/w3m" init-dir)) (dirs (list lisp-dir init-dir erc-dir gnus-dir ide-dir w3m-dir ))) ... -- underground experts united https://dataswamp.org/~incal