help-gnu-emacs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Printf and quoting in general, SQL injection in particular [was: Ema


From: Eli Zaretskii
Subject: Re: Printf and quoting in general, SQL injection in particular [was: Emacs Modular Configuration: the preferable way]
Date: Tue, 22 Jun 2021 15:12:42 +0300

> Date: Tue, 22 Jun 2021 02:23:03 +0200
> From:  Emanuel Berg via Users list for the GNU Emacs text editor 
> <help-gnu-emacs@gnu.org>
> 
> tomas wrote:
> 
> > My hint was rather a metaphor: using string operations on
> > things that aren't really strings (in the original case:
> > file system paths)
> 
> Emacs disagrees:
> 
>   (setq file "~/.emacs")
>   (file-exists-p file) ; t
>   (stringp file) ; t
> 
> > But your side is not "the world", and therefore Eli's
> > warning was spot-on
> 
> False alarm, as shown. It is safe to say, that warning can
> be ignored.

Not a false alarm; ignore that warning at your own peril:

  (string-equal "~/foo" "/home/users/eliz/foo") => nil
  (file-equal-p "~/foo" "/home/users/eliz/foo") => t

and also:

  (string-equal "/home/users/eliz/foo" "/server/homes/users/eliz/foo") => nil
  (file-equal-p "/home/users/eliz/foo" "/server/homes/users/eliz/foo") => t

And what about the below, what's going on there?

  $ ls -l /usr/bin/emacs*

  -rwxr-xr-x 2 eliz None 81081674 2021-03-25 15:54 /usr/bin/emacs
  -rwxr-xr-x 2 eliz None 81081674 2021-03-25 15:54 /usr/bin/emacs-27.2

  (file-equal-p "/usr/bin/emacs" "/usr/bin/emacs-27.2") => t



reply via email to

[Prev in Thread] Current Thread [Next in Thread]