bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Issues with exported functions


From: Ángel González
Subject: Re: Issues with exported functions
Date: Mon, 29 Sep 2014 20:45:52 +0200

Chet Ramey wrote:
> On 9/28/14, 12:31 PM, Ángel González wrote:
> 
> > There's also the middleground of not parsing the environment variables
> > before they are going to be used. That avoids the issues caused by
> > parsing what is not needed *and* doesn't break backwards compatibility.
> > See the patch I sent a couple days ago.
> 
> That's a reasonably elegant extension, but it doesn't really solve the
> problem any better than fixing the underlying parser problem. 


You still have to fix the parser, obviously. It reduces the attack
surface for parsed-but-not-executed functions (and I expect a
performance  improvement, too).


> A user who can figure out how to pass a function with the appropriate name 
> encoding,
> which at this point nobody has figured out to do remotely, can more than
> likely arrange for that function to be called, at which point it will be
> parsed and any underlying parser bug exposed.

Or he can simply put the code to be executed inside the function to be called.

There's no merit in exploiting a parser bug in the exported variable grep 
(before 
patch 27) if the bash script executes grep.




reply via email to

[Prev in Thread] Current Thread [Next in Thread]