Page MenuHomePhabricator
Create Task
Maniphest T56624

Translation of 'lbrack' command creates small security issue
Closed, ResolvedPublic
Actions

Description

Author: physik

Description:
see https://de.wikipedia.org/wiki/Benutzer:Physikerwelt#MOST_IMPORTANT_TEXVC_BUG
texvc translates
\lbrack->[

I guess a side effect is that it creates a tex file on the server that looks like
preamble
$$
[ user-input
$$
\end{document}
... might be a minor security issue.

I will fix that in the texvc grammar

Version: unspecified
Severity: trivial
See Also:
https://bugzilla.wikimedia.org/show_bug.cgi?id=49169

Details

Reference
bz54624

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 2:16 AM
bzimport added a project: Math.
bzimport set Reference to bz54624.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Sep 26 2013, 7:32 AM
gerritbot added a comment.Oct 20 2013, 6:58 PM

Change 90748 had a related patch set uploaded by Physikerwelt:
Breakdown of texvc

https://gerrit.wikimedia.org/r/90748

gerritbot added a comment.Dec 17 2013, 8:12 AM

Change 90748 merged by Physikerwelt:
Breakdown of texvc

https://gerrit.wikimedia.org/r/90748

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL