[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Avoid DoS vulnerability through unsafe default assignment
From: |
Bruno Haible |
Subject: |
Re: Avoid DoS vulnerability through unsafe default assignment |
Date: |
Sun, 31 Jul 2022 08:10:28 +0200 |
> -: "${PERL='perl'}"
> +: "${PERL="perl"}"
I had not expected that this would make a difference, but it does. This
sequence of commands
: ${A=perl}
: ${B="perl"}
: ${C='perl'}
: "${D=perl}"
: "${E="perl"}"
: "${F='perl'}"
echo "A=$A"
echo "B=$B"
echo "C=$C"
echo "D=$D"
echo "E=$E"
echo "F=$F"
produces
A=perl
B=perl
C=perl
D=perl
E=perl
F='perl'
POSIX is weird in some places...
Bruno