|
From: | anonymous |
Subject: | [Octave-bug-tracker] [bug #47976] str2num can perform arbitrary code |
Date: | Sun, 22 May 2016 17:41:35 +0000 (UTC) |
User-agent: | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36 |
Follow-up Comment #2, bug #47976 (project octave): So on looking a little further, matlab is not much better. str2num(['evalc(' char(39) 'exit' char(39) ')']) will cause it to exit. The trouble is that str2num is supposed to be able to call functions by design. _______________________________________________________ Reply to this item at: <http://savannah.gnu.org/bugs/?47976> _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/
[Prev in Thread] | Current Thread | [Next in Thread] |