Browse thread
[Caml-list] ANNOUNCE: mod_caml 1.0.6 - includes security patch
[
Home
]
[ Index:
by date
|
by threads
]
[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
| Date: | -- (:) |
| From: | Richard Jones <rich@a...> |
| Subject: | Re: [Caml-list] ANNOUNCE: mod_caml 1.0.6 - includes security patch |
On Thu, Jan 15, 2004 at 04:04:33PM +0100, Frederic van der Plancke wrote: > Hi Richard, > > I see something strange with your patch: > > Richard Jones wrote: > [...] > > This is fixed in version 1.0.6, along with some other minor bugfixes, > > or you can apply the source patch at the end of this message. > [...] > > + let re1 = Pcre.regexp "'" in (* Double up any single quotes. *) > > + let sub1 = Pcre.subst "''" in > > + let re2 = Pcre.regexp "\\\\" in (* Double up any backslashes. *) > > + let sub2 = Pcre.subst "\\\\" in > > This does not look right: why sub2 = re2 and not sub2 = re2 ^ re2 ? No, it seems to be right. PCRE doesn't using \ escaping in substitutions, only in regular expressions. So the re2 matches \ and sub2 substitutes \\. Rich. -- Richard Jones. http://www.annexia.org/ http://freshmeat.net/users/rwmj Merjis Ltd. http://www.merjis.com/ - improving website return on investment MAKE+ is a sane replacement for GNU autoconf/automake. One script compiles, RPMs, pkgs etc. Linux, BSD, Solaris. http://www.annexia.org/freeware/makeplus/ ------------------- To unsubscribe, mail caml-list-request@inria.fr Archives: http://caml.inria.fr Bug reports: http://caml.inria.fr/bin/caml-bugs FAQ: http://caml.inria.fr/FAQ/ Beginner's list: http://groups.yahoo.com/group/ocaml_beginners