bug-gnulib
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Avoid DoS vulnerability through unsafe default assignment

From: Bruno Haible
Subject: Re: Avoid DoS vulnerability through unsafe default assignment
Date: Sun, 31 Jul 2022 08:10:28 +0200 
> -: "${PERL='perl'}"
> +: "${PERL="perl"}"

I had not expected that this would make a difference, but it does. This
sequence of commands

: ${A=perl}
: ${B="perl"}
: ${C='perl'}
: "${D=perl}"
: "${E="perl"}"
: "${F='perl'}"
echo "A=$A"
echo "B=$B"
echo "C=$C"
echo "D=$D"
echo "E=$E"
echo "F=$F"

produces

A=perl
B=perl
C=perl
D=perl
E=perl
F='perl'

POSIX is weird in some places...

Bruno
reply via email to
[Prev in Thread] Current Thread [Next in Thread]