#3528 NORM First D: Manifest-checking code needs audit.
Zarro Boogs per Child
bugtracker at laptop.org
Mon Sep 17 16:50:42 EDT 2007
#3528: Manifest-checking code needs audit.
----------------------+-----------------------------------------------------
Reporter: mstone | Owner: cscott
Type: defect | Status: new
Priority: normal | Milestone: First Deployment, V1.0
Component: security | Version:
Keywords: security | Verified: 0
----------------------+-----------------------------------------------------
There are some latent bugs in the current manifest checking code, for
example: the checker uses blind character-matching to compute some file
offsets in a way that could be broken by filenames containing square-
brackets.
So far, since the bugs are not critical to the package's functionality,
I'm content to document them and move on.
--
Ticket URL: <https://dev.laptop.org/ticket/3528>
One Laptop Per Child <https://dev.laptop.org>
OLPC bug tracking system
More information about the Bugs
mailing list