TinTin++ Mud Client The TinTin++ message board

 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 
TinTin++ Mud Client

security issue

 
Post new topic   Reply to topic    The TinTin++ message board Forum Index -> Bug Reports
View previous topic :: View next topic  
Author Message
grimm



Joined: 13 Jun 2005
Posts: 31

PostPosted: Wed Mar 26, 2008 10:08 pm    Post subject: security issue Reply with quote

I am having a problem with an action to do stuff with 'says'. I actually kick off an external perl scrip to handle stuff, but I have the same issue with just using logline to log what they say. Here's what I have:
Code:

#action {%0 says '%1'^} {#system ./process_says.pl %0 %1}

The contents of %0 and %1 need to be escaped or something. I did a test say to check it out:
Quote:

#Unmatched braces error!
#Unmatched braces error!
sh: -c: line 0: unexpected EOF while looking for matching `''
sh: -c: line 1: syntax error: unexpected end of file
#Unmatched braces error!
Atal says 'That's the best" if{ i go'

Can I do something to prevent stuff like that?
Back to top
View user's profile Send private message
Scandum
Site Admin


Joined: 03 Dec 2004
Posts: 3856

PostPosted: Thu Mar 27, 2008 9:44 am    Post subject: Reply with quote

There's not a whole lot you can do about it, I'll see if I can fix it for the next release.
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    The TinTin++ message board Forum Index -> Bug Reports All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Get TinTin++ Mud Client at SourceForge.net. Fast, secure and Free Open Source software downloads Get TinTin++ Mud Client at SourceForge.net. Fast, secure and Free Open Source software downloads
TinTin++ Homepage

Powered by phpBB © 2001, 2002 phpBB Group