Glynn Clements ha scritto:
> Modifying individual programs to protect against a shell-injection bug
> in Windows' URI handler is a workaround (mitigation strategy), not a
> fix.
I repeat. Nowhere is said that ShellExecute (the default "run stuff"
function) takes URLs. It takes strings. A desktop sh...
> Modifying individual programs to protect against a shell-injection bug
> in Windows' URI handler is a workaround (mitigation strategy), not a
> fix.
I repeat. Nowhere is said that ShellExecute (the default "run stuff"
function) takes URLs. It takes strings. A desktop sh...
[ more ]