On 2018-03-02 00:56, Mark H Weaver wrote:
I would not consider Guile's 'read' to be trustworthy when processing
potentially malicious inputs.
Mark
Thanks for the input.
FWIW, I've written a procedure 'read' that is AFAIK safe but can
_fail_ on malicious input.
It can read:
-
Amirouche Boubekki writes:
> I have procedures like that in my program:
>
> (define-public (scm->string scm)
>   (call-with-output-string
>     (lambda (port)
>       (write scm port))))
>
> (define-public (string->scm string)
>   (call-with-input-string string read))
>
Amirouche Boubekki writes:
> Seems like 'read' is unsafe against arbitrary code execution
> via srfi-10 and segfault or consume the whole memory on invalid
> input.
Yep...
I think the answer is to write a safer read in scheme.
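Following up on "write a safer read in scheme": here is an added example, my own code rather than anything from this thread or from Guile itself, of a whitelisting reader. It accepts only lists, strings, decimal integers and symbols, so `#,(` SRFI-10 constructors and the rest of Guile's reader syntax are refused rather than evaluated, and it caps nesting depth and token count so malformed or hostile input fails early instead of exhausting the stack or memory. The names safe-read and safe-string->scm and the default limits are assumptions, not Guile APIs.

```scheme
;; Added example, not code from the thread: a whitelisting reader for untrusted
;; text.  Only lists, strings, decimal integers and symbols are accepted; every
;; '#' and quote syntax is rejected; depth and token count are bounded.
(define (delimiter? c)
  (or (eof-object? c) (char-whitespace? c) (memv c '(#\( #\) #\"))))
(define (skip-whitespace port)
  (let ((c (peek-char port)))
    (when (and (char? c) (char-whitespace? c)) (read-char port) (skip-whitespace port))))
(define (read-string-literal port)   ; opening quote already consumed
  (let loop ((acc '()))
    (let ((c (read-char port)))
      (cond ((eof-object? c) (error "safe-read: unterminated string"))
            ((char=? c #\") (list->string (reverse acc)))
            ((char=? c #\\)              ; only \" and \\ escapes are allowed
             (let ((e (read-char port)))
               (if (memv e '(#\" #\\)) (loop (cons e acc))
                   (error "safe-read: bad escape in string"))))
            (else (loop (cons c acc)))))))
(define (integer-token? tok)          ; [-+]?[0-9]+ only; anything else is a symbol
  (let ((s (if (memv (string-ref tok 0) '(#\- #\+)) (substring tok 1) tok)))
    (and (> (string-length s) 0) (string-every char-numeric? s))))
(define (read-atom port)
  (let loop ((acc '()))
    (if (delimiter? (peek-char port))
        (let ((tok (list->string (reverse acc))))
          (or (and (integer-token? tok) (string->number tok 10)) (string->symbol tok)))
        (loop (cons (read-char port) acc)))))
(define* (safe-read port #:key (max-depth 32) (max-tokens 4096))
  (let ((tokens 0))
    (define (read-datum depth)
      (skip-whitespace port)
      (set! tokens (+ tokens 1))
      (when (> tokens max-tokens) (error "safe-read: too many tokens"))
      (let ((c (read-char port)))
        (cond ((eof-object? c) (error "safe-read: unexpected end of input"))
              ((char=? c #\() (read-list (+ depth 1)))
              ((memv c (string->list ")#'`,;|"))   ; covers SRFI-10 #,( ... )
               (error "safe-read: reader syntax rejected" c))
              ((char=? c #\") (read-string-literal port))
              (else (unread-char c port) (read-atom port)))))
    (define (read-list depth)
      (when (> depth max-depth) (error "safe-read: nesting too deep"))
      (let loop ((acc '()))
        (skip-whitespace port)
        (if (eqv? (peek-char port) #\))
            (begin (read-char port) (reverse acc))
            (loop (cons (read-datum depth) acc)))))
    (read-datum 0)))
(define (safe-string->scm string)     ; drop-in for the thread's string->scm
  (call-with-input-string string safe-read))
```

Anything produced by the thread's scm->string from data built out of those four types round-trips through safe-string->scm; a payload such as `#,(foo ...)` or a deeply nested `((((...` raises an error instead.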
On 2018-02-25 18:35, Christopher Lemmer Webber wrote:
Luckily I kept notes on this... the answer is not very if you're
snarfing stuff over the wire!
: paroneayea: relatedly,
:
http://git.savannah.gnu.org/cgit/guile.git/commit/?id=e68dd5c601ef7975507d4118bcc2ad334b0450b2
: i suppose that doc update doesn't touch security at all tho...
On 2018-02-25 18:29, Matt Wette wrote:
On 2018-02-25 16:35, Amirouche Boubekki wrote:
I have procedures like that in my program:
(define-public (scm->string scm)
  (call-with-output-string
    (lambda (port)
      (write scm port))))
(define-public (string->scm string)
  (call-with-input-string string read))
Is it safe to pass to