From: William S F. <ws...@fu...> - 2007-07-30 20:55:16
|
George Feinberg wrote: > Hi, > > I'm using 1.3.31... > > When generating code for Tcl, this function is included in order to > turn a Tcl object/string into something usable by C++: > SWIG_Tcl_ConvertPtrFromString > > Inside this function is this code that tries to see if the value is > an object name: > /* Hmmm. It could be an object name. */ > if (Tcl_VarEval(interp,c," cget -this", (char *) NULL) == TCL_OK) { > > The problem is, if the string passed in looks like a Tcl script, > Tcl_VarEval() will run it. This is a potential security problem for any > application that doesn't verify that values that land here are not valid > Tcl scripts (or, you could call it a 'feature' of Tcl, but...). > > Has this issue been given any consideration by whoever handles Tcl? > Are there alternative, safer interfaces in Tcl that can get the job > done? > If so, what needs to be done to arrange to use them? I can put a > little > time into this if necessary. > > Tcl SWIG isn't being maintained by anyone at the moment. You can probably modify the appropriate typemaps to improve the security concerns you have. This is an interesting point, and any patches to the documentation as to how you worked around it will be gratefully received. William |