Version française
Home     About     Download     Resources     Contact us    
Browse thread
[Caml-list] ANNOUNCE: mod_caml 1.0.6 - includes security patch
[ Home ] [ Index: by date | by threads ]
[ Search: ]

[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
Date: -- (:)
From: Richard Jones <rich@a...>
Subject: Re: [Caml-list] ANNOUNCE: mod_caml 1.0.6 - includes security patch
On Thu, Jan 15, 2004 at 04:04:33PM +0100, Frederic van der Plancke wrote:
> Hi Richard, 
> 
> I see something strange with your patch:
> 
> Richard Jones wrote:
> [...]
> > This is fixed in version 1.0.6, along with some other minor bugfixes,
> > or you can apply the source patch at the end of this message.
> [...]
> > +  let re1 = Pcre.regexp "'" in         (* Double up any single quotes. *)
> > +  let sub1 = Pcre.subst "''" in
> > +  let re2 = Pcre.regexp "\\\\" in      (* Double up any backslashes. *)
> > +  let sub2 = Pcre.subst "\\\\" in
> 
> This does not look right: why sub2 = re2 and not sub2 = re2 ^ re2 ?

No, it seems to be right.

PCRE doesn't using \ escaping in substitutions, only in regular
expressions.  So the re2 matches \ and sub2 substitutes \\.

Rich.

-- 
Richard Jones. http://www.annexia.org/ http://freshmeat.net/users/rwmj
Merjis Ltd. http://www.merjis.com/ - improving website return on investment
MAKE+ is a sane replacement for GNU autoconf/automake. One script compiles,
RPMs, pkgs etc. Linux, BSD, Solaris. http://www.annexia.org/freeware/makeplus/

-------------------
To unsubscribe, mail caml-list-request@inria.fr Archives: http://caml.inria.fr
Bug reports: http://caml.inria.fr/bin/caml-bugs FAQ: http://caml.inria.fr/FAQ/
Beginner's list: http://groups.yahoo.com/group/ocaml_beginners