Re: Avoid DoS vulnerability through unsafe default assignment

bug-gnulib

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Avoid DoS vulnerability through unsafe default assignment

From:	Chet Ramey
Subject:	Re: Avoid DoS vulnerability through unsafe default assignment
Date:	Mon, 1 Aug 2022 09:40:26 -0400
User-agent:	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.11.0

On 7/31/22 2:10 AM, Bruno Haible wrote:

-: "${PERL='perl'}"
+: "${PERL="perl"}"


I had not expected that this would make a difference, but it does. This
sequence of commands

: "${F='perl'}"

echo "F=$F"

produces

F='perl'

POSIX is weird in some places...


Single quotes aren't special within double quotes.


--
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    chet@case.edu    http://tiswww.cwru.edu/~chet/

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Avoid DoS vulnerability through unsafe default assignment, Chet Ramey <=

Next by Date: Report 3 bugs discoverd in gawk involving gnulib
Next by thread: Report 3 bugs discoverd in gawk involving gnulib
Index(es):
- Date
- Thread