Re: [Rd] %s in filename when opening device causes crash (PR#10571)
Richard Cotton wrote: Prof Brian Ripley wrote: Yes. The problem is of course that we do want a sprintf() format there for Rplot%03d.pdf et al. One option would be to escape % except when in (regexp) %[0-9]*d, which seems nontrivial, but not impossible. But there are other integer formats (%i, %u, %x, %X), and other flags (# might be useful). So the list of valid inputs is also rather long. It would be tedious to do at C level, but a check in the R-level wrapper would be easier (if not 'simple'). Having just worked my way through the alphabet, I can say that it is only the letters 's' and 'n' that cause any problems. Thus, if you do decide to handle the error in the R wrapper functions, the regex for bad inputs is fairly straightforward %[#[:blank:]\\+\\-]*[[:digit:]]*[sn]. Not quite. The floating point formats are also problematic; you may fetch 8 bytes where only 4 was allocated. Also, %%s should not be forbidden. Anyways, I believe Brian has this in hand. -- O__ Peter Dalgaard Øster Farimagsgade 5, Entr.B c/ /'_ --- Dept. of Biostatistics PO Box 2099, 1014 Cph. K (*) \(*) -- University of Copenhagen Denmark Ph: (+45) 35327918 ~~ - ([EMAIL PROTECTED]) FAX: (+45) 35327907 __ R-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-devel
Re: [Rd] %s in filename when opening device causes crash (PR#10571)
Using %s in a filename when opening a device causes R to crash, e.g.,
pdf(foo%s.pdf)
win.metafile(foo%s.wmf)
postscript(foo%s.ps)
Do you have a workaround for this? Since that is done at C level, we
can't easily trap this (especially on Windows), and the list of possible
errors that might cause a crash is rather long.
It has been considered as a vulnerability, but there seems no simple
solution.
The simplest workaround is probably to check that '%s' isn't included in
the character string for the file argument to each of the R wrapper
functions, something like
if(length(grep(%s, file))) stop(using '%s' in a filename is invalid)
This of course means that we couldn't use '%s' in a file string (is this a
great loss?), and that users could still cause a crash by calling the
.External code directly.
Regards,
Richie.
Mathematical Sciences Unit
HSL
ATTENTION:
This message contains privileged and confidential inform...{{dropped:21}}
__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel
[Rd] %s in filename when opening device causes crash (PR#10571)
Full_Name: Richard Cotton Version: 2.6.1 OS: Windows XP (32bit) Submission from: (NULL) (193.119.236.82) Using %s in a filename when opening a device causes R to crash, e.g., pdf(foo%s.pdf) win.metafile(foo%s.wmf) postscript(foo%s.ps) __ R-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-devel
Re: [Rd] %s in filename when opening device causes crash (PR#10571)
On Mon, 14 Jan 2008, [EMAIL PROTECTED] wrote: Full_Name: Richard Cotton Version: 2.6.1 OS: Windows XP (32bit) Submission from: (NULL) (193.119.236.82) Using %s in a filename when opening a device causes R to crash, e.g., pdf(foo%s.pdf) win.metafile(foo%s.wmf) postscript(foo%s.ps) Do you have a workaround for this? Since that is done at C level, we can't easily trap this (especially on Windows), and the list of possible errors that might cause a crash is rather long. It has been considered as a vulnerability, but there seems no simple solution. -- Brian D. Ripley, [EMAIL PROTECTED] Professor of Applied Statistics, http://www.stats.ox.ac.uk/~ripley/ University of Oxford, Tel: +44 1865 272861 (self) 1 South Parks Road, +44 1865 272866 (PA) Oxford OX1 3TG, UKFax: +44 1865 272595 __ R-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-devel
Re: [Rd] %s in filename when opening device causes crash (PR#10571)
Same on 2.7.0 Under development (unstable) (2007-12-21 r43753) using Ubuntu i686 2.6.22-14-generic: * ~: R :: R version 2.7.0 Under development (unstable) (2007-12-21 r43753) pdf pdf(foo%s.pdf) *** caught segfault *** address 0x1, cause 'memory not mapped' Traceback: 1: .External(PDF, file, old$paper, old$family, old$encoding, old$bg, old$fg, old$width, old$height, old$pointsize, onefile, old$pagecentre, old$title, old$fonts, version[1], version[2]) 2: pdf(foo%s.pdf) Possible actions: 1: abort (with core dump, if enabled) 2: normal R exit 3: exit R without saving workspace 4: exit R saving workspace Selection: 2 * ~: [EMAIL PROTECTED] wrote: Full_Name: Richard Cotton Version: 2.6.1 OS: Windows XP (32bit) Submission from: (NULL) (193.119.236.82) Using %s in a filename when opening a device causes R to crash, e.g., pdf(foo%s.pdf) win.metafile(foo%s.wmf) postscript(foo%s.ps) __ R-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-devel -- Dr Oleg Sklyar * EBI-EMBL, Cambridge CB10 1SD, UK * +44-1223-494466 __ R-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-devel
Re: [Rd] %s in filename when opening device causes crash (PR#10571)
[EMAIL PROTECTED] wrote: On Mon, 14 Jan 2008, [EMAIL PROTECTED] wrote: Full_Name: Richard Cotton Version: 2.6.1 OS: Windows XP (32bit) Submission from: (NULL) (193.119.236.82) Using %s in a filename when opening a device causes R to crash, e.g., pdf(foo%s.pdf) win.metafile(foo%s.wmf) postscript(foo%s.ps) Do you have a workaround for this? Since that is done at C level, we can't easily trap this (especially on Windows), and the list of possible errors that might cause a crash is rather long. It has been considered as a vulnerability, but there seems no simple solution. Yes. The problem is of course that we do want a sprintf() format there for Rplot%03d.pdf et al. One option would be to escape % except when in (regexp) %[0-9]*d, which seems nontrivial, but not impossible. -- O__ Peter Dalgaard Øster Farimagsgade 5, Entr.B c/ /'_ --- Dept. of Biostatistics PO Box 2099, 1014 Cph. K (*) \(*) -- University of Copenhagen Denmark Ph: (+45) 35327918 ~~ - ([EMAIL PROTECTED]) FAX: (+45) 35327907 __ R-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-devel
Re: [Rd] %s in filename when opening device causes crash (PR#10571)
On Mon, 14 Jan 2008, Peter Dalgaard wrote: [EMAIL PROTECTED] wrote: On Mon, 14 Jan 2008, [EMAIL PROTECTED] wrote: Full_Name: Richard Cotton Version: 2.6.1 OS: Windows XP (32bit) Submission from: (NULL) (193.119.236.82) Using %s in a filename when opening a device causes R to crash, e.g., pdf(foo%s.pdf) win.metafile(foo%s.wmf) postscript(foo%s.ps) Do you have a workaround for this? Since that is done at C level, we can't easily trap this (especially on Windows), and the list of possible errors that might cause a crash is rather long. It has been considered as a vulnerability, but there seems no simple solution. Yes. The problem is of course that we do want a sprintf() format there for Rplot%03d.pdf et al. One option would be to escape % except when in (regexp) %[0-9]*d, which seems nontrivial, but not impossible. But there are other integer formats (%i, %u, %x, %X), and other flags (# might be useful). So the list of valid inputs is also rather long. It would be tedious to do at C level, but a check in the R-level wrapper would be easier (if not 'simple'). BTW, this occurs in other places, e.g. the title argument of quartz() and, from R-devel, X11(). -- Brian D. Ripley, [EMAIL PROTECTED] Professor of Applied Statistics, http://www.stats.ox.ac.uk/~ripley/ University of Oxford, Tel: +44 1865 272861 (self) 1 South Parks Road, +44 1865 272866 (PA) Oxford OX1 3TG, UKFax: +44 1865 272595 __ R-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-devel
