[poppler] pdftohtml lets you run random shell commands

Albert Astals Cid aacid at kde.org
Mon Apr 23 10:10:05 PDT 2012

El Dilluns, 23 d'abril de 2012, a les 12:35:46, William Bader va escriure:
> Would it be safer to call one of the exec() functions instead of system()?

Of course it is, it is what my patch does. Actually as my initial mail i don't 
think quoting is a valid fix, so i'm voting for exec()+whatever window has in 
turn of exec or direct removal.


> William

More information about the poppler mailing list