From 4145ee42115c31b37c892dc28d75a8fd601d31b0 Mon Sep 17 00:00:00 2001
From: Ihor Radchenko <yantar92@posteo.net>
Date: Thu, 11 Jan 2024 16:34:09 +0100
Subject: [PATCH] fixup! org-man-open: Fix shell expansion vulnerability (Emacs
 bug#66390)

The escaped string is not necessary "\\;id" on Windows/DOS.
---
 lisp/ol-man.el | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lisp/ol-man.el b/lisp/ol-man.el
index 2a8288938..d3d7db047 100644
--- a/lisp/ol-man.el
+++ b/lisp/ol-man.el
@@ -50,9 +50,9 @@ matched strings in man buffer."
   (let* ((command (match-string 1 path))
          ;; FIXME: Remove after we drop Emacs 29 support.
          ;; Working around security bug #66390.
-         (command (if (equal (Man-translate-references ";id") "\\;id")
-                      ;; We are on Emacs that properly escapes man
-                      ;; command args (see Emacs commit 820f0793f0b).
+         (command (if (not (equal (Man-translate-references ";id") ";id"))
+                      ;; We are on Emacs that escapes man command args
+                      ;; (see Emacs commit 820f0793f0b).
                       command
                     ;; Older Emacs without the fix - escape the
                     ;; arguments ourselves.