emacs-orgmode

From: Ihor Radchenko
Subject: Re: Warn about shell-expansion in the docstring of org-latex-to-html-convert-command
Date: Tue, 19 Mar 2024 14:48:19 +0000

Max Nikulin <manikulin@gmail.com> writes:

>>> On 12/03/2024 20:03, Ihor Radchenko wrote:
>>> - '%i' and "%i" in any position including e.g. --option='%i' and
>>> protocol:"%i"
>>> - 'something%i' and "something%i" surrounded by spaces or at the end of
>>> command but with no spaces in "something".
>> 
>> I am not confident that it will be safe. For example, consider something
>> awkward like foo\"%ibar\". I imagine that other edge cases are possible,
>> especially in exotic shells.
>
> I think quotes should not be stripped in such peculiar cases. The 
> variants I suggested do not match it. Is it realistic?

I am afraid that there are other peculiar cases. I do not know how to
determine which case is peculiar and when it is safe to strip the quotes
in the code. I feel that if we do try to strip only "safe" cases, we
will introduce subtle bugs and then introduce even more breaking changes
by fixing those bugs.

It is more robust to not strip the quotes at all and go ahead with
the breaking change.

>>>>> - I expected it as bugfix.
>> 
>> It does not matter that most users will not be affected. Some users
>> being affected is enough to not commit this to bugfix. Our policy is not
>> to commit unsafe changes that may break existing configurations to
>> bugfix branch. Except critical fixes.
>
> Reasons why I consider this issue severe enough:
> - Something weird may be executed as shell commands
> - Incorrect formulas in exported documents are more than just a
> disappointment. An example of a complaint related to another bug:
> Re: Inequalities in math blocks. Wed, 06 Oct 2021 09:39:23 +0200. 
> https://list.orgmode.org/m2bl42bo0k.fsf@me.com

I do not see these reasons as _critical_. In my mind, critical reasons
would be (1) Org mode completely broken for many users (it is not); (2)
Security vulnerability.

This particular case seems to be subjective, so it is a judgment call.
If you insist that the fix should land on bugfix, we can add Bastien to
the discussion to get a third opinion.

>>> emacs -Q --batch --eval '(find-file-noselect "not-found.txt" t)'
>>> Error: (file-missing "Searching for program" "No such file or directory"
>>> "git")
>> 
>> This looks like an Emacs bug. Likely in `vc-refresh-state'.
>
> It is an Emacs bug that a missing git executable leads to a fatal error.
>
> It is a bug in Org that some hooks are called when just file content is 
> necessary.

I would not necessarily call it a bug, but I do not see downsides of
using `insert-file-contents' instead of `find-file-noselect' and not
running `find-file-hook' in this particular case (other cases in the Org
tree appear to be fine from a quick glance).

-- 
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>
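
The quoting trade-off discussed in this message, as an added Emacs Lisp example that is not code from Org mode or from anyone in the thread. It assumes the value substituted for %i is passed through `shell-quote-argument'; `mathtool', the `my/' helpers, the sample templates and the sample fragment are all constructed for illustration.

```emacs-lisp
;;; Added illustration; not Org's implementation.
(require 'format-spec)

;; Constructed templates in the style of `org-latex-to-html-convert-command'.
;; "mathtool" is a placeholder program name.
(defconst my/sample-templates
  '("mathtool %i --out=%o"            ; placeholder left bare
    "mathtool '%i' --out=%o"          ; user wrapped %i in single quotes
    "mathtool --in=\"%i\" --out=%o")) ; user wrapped %i in double quotes

(defun my/expand-raw (template fragment out)
  "Substitute FRAGMENT and OUT into TEMPLATE verbatim, with no quoting.
Whether the result is one argument depends on FRAGMENT's content."
  (format-spec template `((?i . ,fragment) (?o . ,out))))

(defun my/expand-quoted (template fragment out)
  "Substitute shell-quoted FRAGMENT and OUT into TEMPLATE.
Quotes already written in TEMPLATE are left alone, so a template that
wraps %i in quotes ends up with the value quoted twice."
  (format-spec template
               `((?i . ,(shell-quote-argument fragment))
                 (?o . ,(shell-quote-argument out)))))

(defun my/placeholder-near-quote-p (template)
  "Return non-nil if %i shares a shell word with a quote character.
This only flags TEMPLATE for manual review.  It does not try to decide
which cases are safe to rewrite, which is the hard part."
  (string-match-p "[\"'][^ \t\n]*%i\\|%i[^ \t\n]*[\"']" template))

(defun my/compare-expansions (fragment out)
  "Return (TEMPLATE RAW QUOTED NEEDS-REVIEW) for each sample template."
  (mapcar (lambda (template)
            (list template
                  (my/expand-raw template fragment out)
                  (my/expand-quoted template fragment out)
                  (and (my/placeholder-near-quote-p template) t)))
          my/sample-templates))

;; Constructed input: a derivative, so the fragment contains an apostrophe,
;; parentheses and "<", all of which mean something to a shell.
(my/compare-expansions "f'(x) < 1" "/tmp/out.html")
```

Evaluating the last form shows that only the bare-placeholder template combined with the quoted expansion hands the fragment to the program unchanged. The templates that carry their own quotes are the existing configurations that have to be edited after the breaking change.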


