* input/no-notation/dos-ps.ly:

* input/no-notation/dos-tex.ly: New file.  These tests still FAIL.

diff --git a/ChangeLog b/ChangeLog
index 8dcb7b0edafc4db806ed67d43f1bac3d7ff56813..eba6302d35e858cd4161a34d6c5d4c85f67292bd 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
 2004-01-28  Jan Nieuwenhuizen  <janneke@gnu.org>
 
+       * Documentation/topdocs/NEWS.texi: Add note about safe mode.
+
+       * input/no-notation/dos-ps.ly: 
+       * input/no-notation/dos-tex.ly: New file.  These tests still FAIL.
+       
        * input/no-notation/safe-include.ly:
        * input/no-notation/safe-guile.ly:
        * input/no-notation/safe-ps.ly: 
@@ -17,8 +22,6 @@
        * python/lilylib.py (get_bbox, make_ps_images): Add -dSAFER to gs
        options.
 
-       * Documentation/topdocs/NEWS.texi: Add note about safe mode.
-
        * mf/GNUmakefile (FETA_LIST_FILES): Install feta*list.lys too.
        This allows building the user manual using a binary installation
        and a matching unpacked source tree.

diff --git a/Documentation/topdocs/NEWS.texi b/Documentation/topdocs/NEWS.texi
index 030a9077bfe4b453f02b61cc69c1f21fdba03305..f576d229a5e39baf754fc4796ec99eacea84477e 100644 (file)
--- a/Documentation/topdocs/NEWS.texi
+++ b/Documentation/topdocs/NEWS.texi
@@ -23,6 +23,8 @@ When lilypond is invoked with @{--safe-mode}, @TeX{} and PostScript
 file output is disallowed, and lilypond-bin is invoked with
 @code{--safe-mode}, the user's Guile expressions are evaluated in a
 safe environment and file inclusion is not allowed.
+
+Be warned that a DOS attack using @TeX{} or PostScript is rather easy.
 (This feature is still experimental.)
 
 @item There is now a Scheme macro for defining markup

diff --git a/input/no-notation/dos-ps.ly b/input/no-notation/dos-ps.ly
new file mode 100644 (file)
index 0000000..3ef1932
--- /dev/null
+++ b/input/no-notation/dos-ps.ly
@@ -0,0 +1,13 @@
+\version "2.1.16"
+
+\header{
+
+    texidoc = "This should not hang lilypond --safe-mode --no-pdf
+    --png run.
+
+}
+
+\score{
+    % DOS
+    \notes c''-"\\embeddedps{ { 0 0 moveto } loop }"
+}

diff --git a/input/no-notation/dos-tex.ly b/input/no-notation/dos-tex.ly
new file mode 100644 (file)
index 0000000..0f47f97
--- /dev/null
+++ b/input/no-notation/dos-tex.ly
@@ -0,0 +1,12 @@
+\version "2.1.16"
+
+\header{
+    
+    texidoc = "This should not hang lilypond --safe-mode run."
+
+}
+
+\score{
+    % DOS
+    \notes c''-"\\loop\\iftrue\\repeat"
+}

diff --git a/input/no-notation/safe-ps.ly b/input/no-notation/safe-ps.ly
index aeee4ae65436408bcfefd512e1b4d322eb6fcd2b..d7529e702817f1ec8f58ae562724fb7deb5c8d1a 100644 (file)
--- a/input/no-notation/safe-ps.ly
+++ b/input/no-notation/safe-ps.ly
@@ -1,11 +1,10 @@
 \version "2.1.16"
 
 \header{
-    texidoc = "This should not survive lilypond run, and certainly not
-    write /tmp/safe-ps.ps"
+    texidoc = "This should not survive lilypond --safe-mode
+    --no-pdf --png run, and certainly not write /tmp/safe-ps.ps"
 }
 
 \score{
     \notes c''-"\\embeddedps{ (/tmp/safe-ps.ps) (w) file (hallo) writestring }"
-   
 }

diff --git a/input/no-notation/safe-tex.ly b/input/no-notation/safe-tex.ly
index a40751211359eb96ebe82944c728af799950296b..ae6ab2c8862b3e262fa2b8c8e39672347f74f031 100644 (file)
--- a/input/no-notation/safe-tex.ly
+++ b/input/no-notation/safe-tex.ly
@@ -2,8 +2,8 @@
 
 \header{
     
-    texidoc = "This should not survive lilypond --safe-mode --no-pdf --png
-    run, and certainly not write /tmp/safe-tex.tex"
+    texidoc = "This should not survive lilypond --safe-mode run, and
+    certainly not write /tmp/safe-tex.tex"
 
     % beware
     % openout_any=y lilypond --keep --safe-mode -S latexoptions=']{article}