On Mon, Jan 16, 2017 at 09:33:07PM +0100, Johannes Sixt wrote: > However, Jeff's patch is intended to catch exactly these cases (not for the > cases where this happens accidentally, but when they happen with malicious > intent). > > We are talking about user-provided data that is reproduced by die() or > error(). I daresay that we do not have a single case where it is intended > that this data is intentionally multi-lined, like a commit message. It can > only be an accident or malicious when it spans across lines. > > I know we allow CR and LF in file names, but in all cases where such a name > appears in an error message, it is *not important* that the data is > reproduced exactly. On the contrary, it is usually more helpful to know that > something strange is going on. The question marks are a strong indication to > the user for this. Yes, exactly. Thanks for explaining this better than I obviously was doing. :) > > If you absolutely insist, I will spend time to find a plausible example > > and use that in the regression test. > > I don't want to see you on an endeavor with dubious results. I'd prefer to > wait until the first case of "incorrectly munged data" is reported because, > as I said, I have a gut feeling that there is none. Agreed. -Peff