From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Jean Louis Newsgroups: gmane.emacs.help Subject: Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way] Date: Tue, 22 Jun 2021 21:01:59 +0300 Message-ID: References: <871r8vcrnm.fsf@posteo.net> <20210621141148.GA29347@tuxteam.de> <20210621211547.GA12274@tuxteam.de> <87pmwevjbs.fsf@zoho.eu> <83bl7yumh1.fsf@gnu.org> <8335taujt6.fsf@gnu.org> <83y2b1ubqt.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="26641"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Mutt/2.0.7+183 (3d24855) (2021-05-28) Cc: help-gnu-emacs@gnu.org To: Eli Zaretskii Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane-mx.org@gnu.org Tue Jun 22 20:06:53 2021 Return-path: Envelope-to: geh-help-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lvknU-0006d9-PQ for geh-help-gnu-emacs@m.gmane-mx.org; Tue, 22 Jun 2021 20:06:52 +0200 Original-Received: from localhost ([::1]:49968 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lvknT-0003Oz-Op for geh-help-gnu-emacs@m.gmane-mx.org; Tue, 22 Jun 2021 14:06:51 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:35984) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lvkn1-0003NE-NG for help-gnu-emacs@gnu.org; Tue, 22 Jun 2021 14:06:24 -0400 Original-Received: from stw1.rcdrun.com ([217.170.207.13]:48723) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lvkmz-0002HA-TY; Tue, 22 Jun 2021 14:06:23 -0400 Original-Received: from localhost ([::ffff:197.157.0.61]) (AUTH: PLAIN admin, TLS: TLS1.3,256bits,ECDHE_RSA_AES_256_GCM_SHA384) by stw1.rcdrun.com with ESMTPSA id 0000000000076021.0000000060D22696.000018C1; Tue, 22 Jun 2021 11:06:14 -0700 Mail-Followup-To: Eli Zaretskii , help-gnu-emacs@gnu.org Content-Disposition: inline In-Reply-To: <83y2b1ubqt.fsf@gnu.org> Received-SPF: pass client-ip=217.170.207.13; envelope-from=bugs@gnu.support; helo=stw1.rcdrun.com X-Spam_score_int: -3 X-Spam_score: -0.4 X-Spam_bar: / X-Spam_report: (-0.4 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_SORBS_WEB=1.5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: help-gnu-emacs@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Users list for the GNU Emacs text editor List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "help-gnu-emacs" Xref: news.gmane.io gmane.emacs.help:131202 Archived-At: * Eli Zaretskii [2021-06-22 19:14]: > And my point is that it is dangerous (a.k.a. "wrong") using string > functions on file names when there are specially-designed file-name > functions for those use cases. Because those special-purpose > functions are there for a reason, and disregarding those reasons is > asking for trouble. Like using string comparison for comparing file > names: that was actually a reason for quite a few bugs in our code. > My point was trying to prevent people from making those same mistakes. I agree that dedicated file functions should be used whenever possible. Now I am looking in some of my functions to review that: People have their ID number, so directory may exist for each person. But I cannot see a possibility to work with file paths that are structured without using string functions. I can maybe verify if some possible string represents directory or file, if it exists or if it is readable, but more than that, I would not know practically what to do. Maybe my scope of using such generated file paths is out of the mentioned scope. To summarize, it is better to use file related functions whenever possible, checking if it is directory, using functions like `file-name-as-directory' and so on. Avoiding string functions related to files seem to be now impossible. Like here below I have to `concat' or concatenate directory with the file base name, as when I do "filing" it is rather filed by year/month/date and either `concat' or format' has to be used. (dolist (file files) (let* ((basename (file-name-nondirectory file)) (target (concat date-dir basename)) (target (rcd-unique-file-name target))) (if (file-exists-p file) (progn (message (format "cf/file-by-contact: moving \"%s\" to \"%s\"" file target)) (rename-file file target)) (error (format "File does not exist: %s" file))))))) (defun cf-directory-by-id (id) "Opens the dired directory for ID" (let* ((dir (dir-id id))) (unless (file-directory-p dir) (make-dir-id id)) (dired dir))) (defun dir-id (id) "Returns directory for contact ID" (format "%s/%s/" (rcd-crm-directory-by-id) id)) (defun rcd-crm-directory-by-id () (concat (rcd-crm-directory) "/" (cadr (rcd-crm-directory-data)))) (defun rcd-crm-directory-data () "Returns default CRM related directories" (let* ((sql "SELECT defaults_crmdir, defaults_crmbyid, defaults_crmbyname, defaults_crmdiraccount FROM defaults") (dirs (rcd-sql-first sql cf-db)) (crmdir (aref dirs 0)) (crmbyid (aref dirs 1)) (crmbyname (aref dirs 2)) (crmdiraccount (aref dirs 3))) (list crmdir crmbyid crmbyname crmdiraccount))) (defun rcd-crm-directory () (car (rcd-crm-directory-data))) (defun rcd-crm-directory-by-id () (concat (rcd-crm-directory) "/" (cadr (rcd-crm-directory-data)))) I can now think of safer functions something like: `file-concat' that could or make sure that concatenated directories and file on the end exist or not.