[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#59817: [PATCH] Fix etags local command injection vulnerability
From: |
lux |
Subject: |
bug#59817: [PATCH] Fix etags local command injection vulnerability |
Date: |
Tue, 6 Dec 2022 21:11:35 +0800 |
On Tue, 06 Dec 2022 14:55:09 +0200
Eli Zaretskii <eliz@gnu.org> wrote:
> The "MSDOS || DOS_NT" case also needs a small change:
>
> > char *cmd = concat (cmd1, "\" > ", tmp_name);
>
> This doesn't quote tmp_name; it should.
Because double quotes have been used here, I have not reproduced this
vulnerability in Windows, so I have not dealt:
$ touch "etags.c\" && ipconfig \".z"
$ ./etags.exe "etags.c\" && ipconfig \".z"
etags.c" && ipconfig ".z: Invalid argument
$ ./etags.exe *
etags.exe: skipping inclusion of TAGS in self.
etags.c" && ipconfig ".z: Invalid argument
> > +static char*
> ^^
> There should be a space before "*".
done.
>
> > + if (*p == '\'')
> > + {
> > + new_str[i+1] = '\\';
> > + new_str[i+2] = '\'';
> > + new_str[i+3] = '\'';
> > + i += 3;
>
> I don't understand why you are adding ''\'' and not just \'.
> Wouldn't the latter work for some reason?
>
Because the single quote escape is: '\''
$ echo ''\''hello world'\'''
'hello world'
$ echo 'I'\''m a poor man'
I'm a poor man
0001-Fix-etags-local-command-injection-vulnerability.patch
Description: Text Data
- bug#59817: [PATCH] Fix etags local command injection vulnerability, lux, 2022/12/04
- bug#59817: [PATCH] Fix etags local command injection vulnerability, Eli Zaretskii, 2022/12/04
- bug#59817: [PATCH] Fix etags local command injection vulnerability, Stefan Kangas, 2022/12/04
- Message not available
- bug#59817: [PATCH] Fix etags local command injection vulnerability, Eli Zaretskii, 2022/12/05
- bug#59817: [PATCH] Fix etags local command injection vulnerability, lux, 2022/12/06
- bug#59817: [PATCH] Fix etags local command injection vulnerability, Eli Zaretskii, 2022/12/06
- bug#59817: [PATCH] Fix etags local command injection vulnerability,
lux <=
- bug#59817: [PATCH] Fix etags local command injection vulnerability, Eli Zaretskii, 2022/12/06
- bug#59817: [PATCH] Fix etags local command injection vulnerability, Francesco Potortì, 2022/12/06
- bug#59817: [PATCH] Fix etags local command injection vulnerability, Francesco Potortì, 2022/12/06
- bug#59817: [PATCH] Fix etags local command injection vulnerability, lux, 2022/12/06
- bug#59817: [PATCH] Fix etags local command injection vulnerability, Eli Zaretskii, 2022/12/06
- bug#59817: [PATCH] Fix etags local command injection vulnerability, Andreas Schwab, 2022/12/06
- bug#59817: [PATCH] Fix etags local command injection vulnerability, Eli Zaretskii, 2022/12/06
bug#59817: [PATCH] Fix etags local command injection vulnerability, lux, 2022/12/04