Address security issues involving quote API
Ref: GHSA-r7qv-8r2h-pg27

- Deprecate quote APIs in favor of `try_` equivalents that complain
  about nul bytes.

- Also add a builder API, which allows re-enabling nul bytes without
  using the deprecated interface, and in the future can allow other
  things (as discussed in quoting_warning).

- Add documentation about various security risks that remain,
  particularly with interactive shells.

- Add fuzzers that actually verify round-trippability of the quote APIs
  against various shells, Python `shlex`, and C `wordexp`.

  - These are separate crates (as opposed to just being different files
    under `fuzz/fuzz_targets`) because they have different dependencies
    and build steps, and I don't want to agglomerate them all together.
    I've put them in the same workspace at least.

  - Also, check in Cargo.lock for the fuzzers, since they are binaries.

- Add explicit MSRV of 1.46.0.

  This crate didn't previously have an explicit MSRV, but `cargo msrv`
  tells me that shlex 1.2.0 works down to Rust 1.36.0.

  Since this is a security fix, ideally the MSRV wouldn't be bumped at
  all, but that's not really feasible since the new API uses
  `#[non_exhaustive]`, which was unstable in Rust 1.36.0.  In case anyone
  is stuck on old Rust versions, I separately released a shlex 1.2.1 that
  only has the fix for `{`/`}`/`\xa0`, without the API changes.

  However, even for the full release I'd still like to keep the MSRV
  reasonably old.  I picked 1.46.0 because it's the first version that
  wouldn't require completely redoing the `const fn` bitmask.

- Add more authors to Cargo.toml based on Git commits.
comex committed Jan 22, 2024
1 parent 4c53044 commit 4a0724b
Showing 22 changed files with 2,179 additions and 78 deletions.
9 changes: 7 additions & 2 deletions .gitignore
@@ -1,3 +1,8 @@
/target/
Cargo.lock
nocommit/
target/
artifacts/
corpus/
/Cargo.lock
**/*.rs.bk
.*.sw?
.sw?
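Review bot: dropping the leading slash turns `target/` from a root-only pattern into one that matches a `target/` directory at any depth, and the new `artifacts/` and `corpus/` entries are likewise unanchored, so they will also hide any unrelated directory of that name anywhere in the tree; if they exist for the fuzzers, anchor them under the fuzz directory (for example `/fuzz/artifacts/` and `/fuzz/corpus/`, assuming the `fuzz/` layout the commit message refers to) and add a comment saying so. `/Cargo.lock` being root-anchored is what allows the fuzzers' lockfile to be checked in as the message intends, which is worth a comment too; `nocommit/` and the editor swap patterns `.*.sw?` and `.sw?` are unrelated to this change and undocumented, so either explain them in a comment or move the editor-specific ones to a global ignore file.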
9 changes: 7 additions & 2 deletions Cargo.toml
@@ -1,9 +1,13 @@
[package]
name = "shlex"
version = "1.2.1"
version = "1.3.0"
authors = [
"comex <comexk@gmail.com>",
"Fenhl <fenhl@fenhl.net>"
"Fenhl <fenhl@fenhl.net>",
"Adrian Taylor <adetaylor@chromium.org>",
"Alex Touchet <alextouchet@outlook.com>",
"Daniel Parks <dp+git@oxidized.org>",
"Garrett Berg <googberg@gmail.com>",
]
license = "MIT OR Apache-2.0"
repository = "https://github.com/comex/rust-shlex"
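Review bot: the 1.2.1 to 1.3.0 bump ships the API deprecations and the MSRV raise described in the message inside a minor release, so the changelog or README should state plainly that users on Rust older than 1.46.0 can stay on the 1.2.1 line (which the message says carries only the `{`/`}`/`\xa0` fix) and should pin it explicitly. The authors change also fixes the missing trailing comma after `"Fenhl <fenhl@fenhl.net>"`, which keeps future additions to the list from producing noisy diffs.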
@@ -12,6 +16,7 @@ categories = [
"command-line-interface",
"parser-implementations"
]
rust-version = "1.46.0"

[features]
std = []
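Review bot: `rust-version = "1.46.0"` is only understood by Cargo from Rust 1.56 onward; a toolchain in the 1.46 to 1.55 range ignores the key with an "unused manifest key" warning and builds anyway, so this line documents the MSRV but does not enforce it on the very toolchains it names. Back it with a CI job that builds and tests on 1.46.0 (the `cargo msrv` check mentioned in the message would do), and add a short comment above the key recording why 1.46.0 was chosen (`#[non_exhaustive]` and the `const fn` bitmask) so the next bump is made deliberately.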