From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Florian Weimer <fw@deneb.enyo.de>
Newsgroups: gmane.emacs.devel
Subject: Re: Emacs Lisp's future
Date: Sat, 11 Oct 2014 20:34:44 +0200
Message-ID: <878ukmo3p7.fsf@mid.deneb.enyo.de>
References: <54193A70.9020901@member.fsf.org>
	<87lhp6h4zb.fsf@panthera.terpri.org>
	<87k34qo4c1.fsf@fencepost.gnu.org> <54257C22.2000806@yandex.ru>
	<83iokato6x.fsf@gnu.org> <87wq8pwjen.fsf@uwakimon.sk.tsukuba.ac.jp>
	<837g0ptnlj.fsf@gnu.org> <87r3yxwdr6.fsf@uwakimon.sk.tsukuba.ac.jp>
	<87tx3tmi3t.fsf@fencepost.gnu.org> <834mvttgsf.fsf@gnu.org>
	<jwvoau19n3n.fsf-monnier+emacs@gnu.org>
	<87lhp5m99w.fsf@fencepost.gnu.org>
	<jwviok99jki.fsf-monnier+emacs@gnu.org>
	<87h9ztm5oa.fsf@fencepost.gnu.org>
	<jwvd2ah9hve.fsf-monnier+emacs@gnu.org>
	<87d2ahm3nw.fsf@fencepost.gnu.org>
	<jwv1tqx9ea3.fsf-monnier+emacs@gnu.org>
	<E1XYNnY-0005Zo-Kz@fencepost.gnu.org> <871tqneyvl.fsf@netris.org>
	<E1XatgY-00062K-7y@fencepost.gnu.org> <87d2a54t1m.fsf@yeeloong.lan>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: ger.gmane.org 1413052529 17825 80.91.229.3 (11 Oct 2014 18:35:29 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Sat, 11 Oct 2014 18:35:29 +0000 (UTC)
Cc: dak@gnu.org, rms@gnu.org, dmantipov@yandex.ru, emacs-devel@gnu.org,
	handa@gnu.org, monnier@iro.umontreal.ca, eliz@gnu.org, stephen@xemacs.org
To: Mark H Weaver <mhw@netris.org>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sat Oct 11 20:35:22 2014
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Xd1Vh-0001R6-AU
	for ged-emacs-devel@m.gmane.org; Sat, 11 Oct 2014 20:35:21 +0200
Original-Received: from localhost ([::1]:54978 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Xd1Vg-0004EU-UX
	for ged-emacs-devel@m.gmane.org; Sat, 11 Oct 2014 14:35:20 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:39080)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <fw@deneb.enyo.de>) id 1Xd1VY-0004EO-25
	for emacs-devel@gnu.org; Sat, 11 Oct 2014 14:35:18 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <fw@deneb.enyo.de>) id 1Xd1VR-00047I-N3
	for emacs-devel@gnu.org; Sat, 11 Oct 2014 14:35:11 -0400
Original-Received: from albireo.enyo.de ([46.237.207.196]:57160)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <fw@deneb.enyo.de>)
	id 1Xd1VD-0003rR-5J; Sat, 11 Oct 2014 14:34:51 -0400
Original-Received: from [172.17.203.2] (helo=deneb.enyo.de)
	by albireo.enyo.de with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128)
	id 1Xd1V7-0004d5-29; Sat, 11 Oct 2014 20:34:45 +0200
Original-Received: from fw by deneb.enyo.de with local (Exim 4.80)
	(envelope-from <fw@deneb.enyo.de>)
	id 1Xd1V6-0001WM-1S; Sat, 11 Oct 2014 20:34:44 +0200
In-Reply-To: <87d2a54t1m.fsf@yeeloong.lan> (Mark H. Weaver's message of "Mon, 
	06 Oct 2014 02:21:41 -0400")
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy]
X-Received-From: 46.237.207.196
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:175264
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/175264>

* Mark H. Weaver:

> To give an example, consider a procedure that needs to pass a string
> from an untrusted source to an SQL query.  To do this safely, it needs
> to quote the string.  I haven't researched how to properly quote SQL
> string literals, but in general, quoting is typically done by
> recognizing some set of special characters that must be escaped, and
> allowing all other characters through unmodified.

For are truly robust solution, you need parameterized queries.  Most
database servers support other encodings besides UTF-8, and the
required quoting logic can be quite complicated.

> However, "raw byte" code points can be used to bypass such a quoting
> mechanism, and thus send an unescaped closing quote to the SQL database
> followed by arbitrary SQL commands.

This can happen with certain multi-byte character sets as well.

> UTF-8 decoders are supposed to detect and reject these "overlong"
> encodings, but it is likely that many programs fail to do this.

That's not very common anymore.

> To cope with this, the Unicode standards require that UTF-8 codecs
> reject overlong encodings and other invalid byte sequences.  This is in
> direct conflict with the idea of "raw byte" code points, whose purpose
> is to be tolerant of arbitrary byte sequences and to propagate them
> unchanged.

The charset conversion functionality could support binary-transparent
UTF-8 and pure UTF-8 at output boundaries.  This way, the application
can make a choice.