Allright. Polishing: - disallow "/" anywhere in the filename - disallow "." at the beginning - replace all chars less than ' ' or > 127 with "_" - use a static buffer of size [MAX_PATH] instead of allocated memory, to be fail-safe against memory leaks from other applications using libfetch - typo corrected, style fixes, manual entries I also added a "-Q" flag which will print the resulting filename to stdout. This is useful in scripting. Diff on http:/www.cons.org/tmp/freebsd-fetch-O2.diff When discussing, keep in mind that the user has to explicity give the -O option (there is no environment variable to permanently turn this on) and that the implications of the -O options are very clear and simple. And that the main use of this is for folks who have to go through a gazillion of Bugzilla attachments all name "customer-errlog.20051220" etc, and there is no other way to download them in a name-preserving manner than interactively opening them in Mozilla and saving them. Before we randomize the list even more I would say I'd like to hear from the security officer if there is concern left. Myself I have no way to form conflicting user opinions into a decision. For the reasons above I plan to go forward if not vetoed. Martin -- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Martin Cracauer <cracauer_at_cons.org> http://www.cons.org/cracauer/ FreeBSD - where you want to go, today. http://www.freebsd.org/Received on Fri Dec 30 2005 - 16:52:29 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:50 UTC