This Tinyscript-based allows to generate a string with a given alphabet that has a given hash matching the format used for type juggling with PHP, that is when a loose comparison of the type ("0e12345" == ...) is used.
This can be installed using:
$ pip install tinyscript
$ tsm install loose-comparison-input-generator
| [loggers] | |
| keys=root | |
| [handlers] | |
| keys=stream_handler | |
| [formatters] | |
| keys=formatter | |
| [logger_root] |
| #!/bin/bash | |
| # Note: you might prefer latexmk -c since latexmk is great. It doesn't clean all of these, but see | |
| # https://tex.stackexchange.com/questions/83341/clean-bbl-files-with-latexmk-c/83386#83386 | |
| exts="-blx.aux -blx.bib -blx.bib .acn .acr .alg .algorithms .aux .bbl .bcf .blg .brf .dvi .fdb_latexmk .fls .glg"\ | |
| " .glo .gls .glsdefs .idx .ilg .ind .ist .keys .listing .loa .lof .log .lol .lot .maf .mtc .mtc0 .mw .nav .nlo"\ | |
| " .out .pdfsync .ptc .pyg .run.xml .snm .synctex.gz .syntex.gz(busy) .tdo .thm .toc .vrb .xdy" | |
| for x in "${@:-.}"; do |
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.
** DISPUTED ** A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution. NOTE: This is disputed because "the cache directory is not under control of the attacker in any common configuration."
Simple arguments lexer for parsing a line of arguments and keyword-arguments.
The ValueLexer evaluates strings (delimited by single or double quotes), booleans, floats, integers and also binary, octal or hexadecimal (to an integer).
The ArgumentsLexer ensures that the input line of arguments has the form:
arg1 arg2 ... argN kw1=val1 kw2=val2 ... kwM=valM
| # Custom git repos update function | |
| git-repos-update() { | |
| local currdir=$(pwd) | |
| for root in /opt ~/.opt; do | |
| for D in $root/*; do | |
| if [ -d "${D}" ]; then | |
| cd "${D}" | |
| cat .git/config 2>/dev/null | \ | |
| grep url | \ | |
| cut -d" " -f 3 && \ |