GNU bug report logs -
#16984
dired-do-rename susceptible to .../~/... hijack
Previous Next
Reported by: 積丹尼 Dan Jacobson <jidanni <at> jidanni.org>
Date: Mon, 10 Mar 2014 22:57:02 UTC
Severity: minor
Tags: confirmed, fixed, patch
Found in version 25.1
Fixed in version 26.1
Done: npostavs <at> users.sourceforge.net
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
Michael Albinus <michael.albinus <at> gmx.de> writes:
> npostavs <at> users.sourceforge.net writes:
>
> `tramp-quote-name' works for both local and remote file names, so you
> could remove the test `(file-remote-p filename)'.
Oh, I somehow had it in my mind that `concat' doesn't work with nil, I
must have mixed it up with `insert'. Also, I guess most of the filename
tests should actually be looking at only the localname, so it should go
more like this:
(defun minibuffer-maybe-quote-filename (filename)
"Protect FILENAME from `substitute-in-file-name', as needed.
Useful to give the user default values that won't be substituted."
(let ((local (file-remote-p filename 'localname)))
(if (and (not (string-prefix-p "/:" local))
(file-name-absolute-p filename)
(string-match-p "/~" local))
(tramp-quote-name filename)
(minibuffer--double-dollars filename))))
Regarding `tramp-quoted-name-p', you should use (string-match "\\`/:"
...) or (string-prefix-p "/:" ...), not (string-match "^/:" ...) as the
latter could get confused by newlines in filenames (of the first two, I
find the `string-prefix-p' version clearer).
This bug report was last modified 8 years and 159 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.