Follow-up Comment #13, bug #34490 (project gnustep):
>regarding system(), I think the main problem is format string vulnerability
well i am not sure this is a real problem, also validating the string
shouldn't be hard
but i've updated the patch to use NSTask
btw. if the code you talked about is in GSGhostscriptImageRep, it seems the
code to locate the executables is redundant with the GNUstep NSTask extension
[NSTask+launchPathForTool:]
(file #24187)
_______________________________________________________
Additional Item Attachment:
File name: open_exp4.txt Size:2 KB
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?34490>
_______________________________________________
Nachricht geschickt von/durch Savannah
http://savannah.gnu.org/
_______________________________________________
Bug-gnustep mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/bug-gnustep
