[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-readline] INPUTRC issues
From: |
Chet Ramey |
Subject: |
Re: [Bug-readline] INPUTRC issues |
Date: |
Tue, 24 May 2016 11:31:05 -0400 |
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.1.0 |
On 5/24/16 1:51 AM, Grisha Levit wrote:
> This issue seems fairly minor, but RHEL (and maybe others) allow INPUTRC
> through sudo by default so perhaps this warrants some attention.
>
> Something silly like:
>
> |echo '$include /tmp/X' > /tmp/X INPUTRC=/tmp/X sudo bash -c 'read -e' |
>
> Will segfault:
Of course. Preventing self-inflicted damage like this is ultimately
futile. There's always some way to shoot yourself in the foot.
>
> |Program terminated with signal 11, Segmentation fault. #0
> 0x00007f275ac948d7 in __GI___libc_malloc (address@hidden) at
> malloc.c:2895 2895 victim = _int_malloc(ar_ptr, bytes); (gdb) bt #0
> 0x00007f275ac948d7 in __GI___libc_malloc (address@hidden) at
> malloc.c:2895 #1 0x0000000000474e40 in xmalloc (address@hidden) at
> xmalloc.c:112 #2 0x00000000004bc6c3 in tilde_expand
> (address@hidden "/tmp/X") at ./tilde.c:202 |
>
> (at slightly different places, depending on other directives in the file).
>
> Since there is already current_readline_init_include_level, maybe
> implementing a max level for $include’s would be worthwhile.
I'll consider it for the next version.
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU address@hidden http://cnswww.cns.cwru.edu/~chet/