Hi all,
Process.spawn has a vulnerability:
Process spawn(string
command, void|Stdio.Stream stdin,
void|Stdio.Stream stdout, void|Stdio.Stream stderr,
// These aren't used. Seems to be part of something
unfinished. /mast
//function|void cleanup, mixed ... args
)
//! Spawns a process that executes @[command] as a command shell
//! statement ("@expr{/bin/sh -c @[command]@}" for Unix,
"@expr{cmd /c
//! @[command]@}" for Windows).
//!
//! @param stdin
//! @param stdout
//! @param stderr
//! Stream objects to use as standard input, standard output
and
//! standard error, respectively, for the created process. The
//! corresponding streams for this process are used for those
that
//! are left out.
//!
//! @returns
//! Returns a @[Process.Process] object for the created
process.
//!
//! @seealso
//! @[system], @[popen]
{
mapping(string:mixed) data=(["env":getenv()]);
if(stdin) data->stdin=stdin;
if(stdout) data->stdout=stdout;
if(stderr) data->stderr=stderr;
#if defined(__NT__)
// if the command string command is not quoted, add double
quotes to
// make sure it is not modified by create_process
if (sizeof(command) <= 1 ||
command[0] != '\"' || command[sizeof(command)-1] != '\"')
command = "\"" + command + "\"";
return Process(({ "cmd", "/c", command }),data);
#elif defined(__amigaos__)
return Process(split_quoted_string(command),data);
#else /* !__NT__||__amigaos__ */
// return Process(({ "/bin/sh", "-c", command
}),data);
// Fix ?
return Process(({ "/bin/sh", "-c" }) + split_quoted_string(command),data);
#endif /* __NT__||__amigaos__ */
}
Regards
Send Pike-devel mailing list submissions to pike-devel@lists.lysator.liu.se To subscribe or unsubscribe via the World Wide Web, visit http://lists.lysator.liu.se/mailman/listinfo/pike-devel or, via email, send a message with subject or body 'help' to pike-devel-request@lists.lysator.liu.se You can reach the person managing the list at pike-devel-owner@lists.lysator.liu.se When replying, please edit your Subject line so it is more specific than "Re: Contents of Pike-devel digest..." Today's Topics: 1. pike under sanitizers (Mike) ---------------------------------------------------------------------- Message: 1 Date: Thu, 23 Jan 2020 10:40:13 +0000 From: "Mike" <tankf33der@disroot.org> To: pike-devel@lists.lysator.liu.se Subject: pike under sanitizers Message-ID: <96b4ff652af97bf1d5d49b78dd71f602@disroot.org> Content-Type: text/plain; charset="utf-8" hi all, I've compiled and run tests by clang with different sanitizers (address, memory, undefined). If somebody wants to get report(s) and fix let me know. Some of them are trivial and make sense. I'm already post announce on irc and sent mail to grubba@ without reply :) (mike) End of Pike-devel Digest, Vol 173, Issue 3 ******************************************