Re: [Chicken-hackers] [PATCH] Simplify get-environment-variable and ##sys#get-argument

[Christian Kellermann]

Hi Peter!

* Peter Bex <address@hidden> [130301 20:48]:
> Remember that when we fixed CVE-2012-6123, I intended to simplify a few
> procedures to prevent similar mistakes in the future?  Here's a patch
> that does this for get-environment-variable and ##sys#get-argument.
> 
> I don't know why these were hand-rolled in C; by my reckoning there's
> no good reason to do this.  By using the FFI instead, we can reduce code
> bloat and make it more maintainable, too.
> 
> There's exactly one difference that I've noticed: when passing an object
> of an invalid type or a string with a NUL byte in it, you no longer get
> an condition object with a location property in its "exn" subcondition.
> I think this is not a good enough reason to reject the patch; instead
> maybe we can try and see if we can improve the FFI to pass the location
> to its argument conversion/checking routines.  This would be more
> generally useful for user code, as well!
> 
> But that can be done later.

I have checked the usage of ##sys#get-argument and it has been used
only to get the program name and none of the (SVN) eggs used it.
So I took the liberty of changing the patch to get rid of it. As
it is the version is not safe when passing negative indices (as you
mentioned on #chicken, this has been unsafe in the original version
too).

Attached is a modified version of your patch that does this. What
do you think?

Kind regards,

Christian


-- 
In the world, there is nothing more submissive and weak than
water. Yet for attacking that which is hard and strong, nothing can
surpass it. --- Lao Tzu

0001-Remove-sys-get-argument-and-simplify-get-environment.patch
Description: Text document