[poppler] pdftohtml lets you run random shell commands

Ihar `Philips` Filipau thephilips at gmail.com
Thu Apr 19 09:47:53 PDT 2012


On 4/19/12, Albert Astals Cid <aacid at kde.org> wrote:
>
> So you say "NEVER EVER exposing anything to raw unfiltered user input" and
> at the same time argue we can do it and it's fine?
>

Sorry for the poor wording: front-end may not expose anything of the
back-end to raw unfiltered user input. What I wanted to say, in the
hypothetical scenario of pdftohtml running in the back-end, it will
never see any invalid device name.

But if you consider pdftohtml to be a front-end to gs, then, yes, you are right.


More information about the poppler mailing list