octave-bug-tracker
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Octave-bug-tracker] [bug #47976] str2num can perform arbitrary code

From: anonymous
Subject: [Octave-bug-tracker] [bug #47976] str2num can perform arbitrary code
Date: Sun, 22 May 2016 17:41:35 +0000 (UTC)
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36 
Follow-up Comment #2, bug #47976 (project octave):

So on looking a little further, matlab is not much better.


str2num(['evalc(' char(39) 'exit' char(39) ')'])


will cause it to exit.

The trouble is that str2num is supposed to be able to call functions by
design.

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?47976>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]