Last change on this file since 45c9bdd was 69cde8d, checked in by Jim Gifford <clfs@…>, 20 years ago

Added: All patches needed for the book.

Property mode set to 100644
File size: 1.2 KB
| Rev | Line |  | 
|---|
| [69cde8d] | 1 | Submitted By: Ken Moffat <ken@kenmoffat.uklinux.net> | 
|---|
|  | 2 | Date: 2005-08-09 | 
|---|
|  | 3 | Initial Package Version: 1.0.3 | 
|---|
|  | 4 | Upstream Status: Unknown. | 
|---|
|  | 5 | Origin: Jyri Ryska (RedHat) for fedora3 | 
|---|
|  | 6 | Description: Fixes filename sanitisation in bzgrep. | 
|---|
|  | 7 | This fixes CAN-2005-0758 (if a user can be tricked into running | 
|---|
|  | 8 | bzgrep in an untrusted directory containing files with carefully | 
|---|
|  | 9 | crafted filenames, arbitrary commands could be executed as the user | 
|---|
|  | 10 | running bzgrep).  Risk is reported as low.  I've modified it to force | 
|---|
|  | 11 | the interpreter to be bash, some of the other shells in use won't | 
|---|
|  | 12 | like the bash syntax. | 
|---|
|  | 13 |  | 
|---|
|  | 14 | diff -Naur bzip2-1.0.3/bzgrep bzip2-1.0.3-new/bzgrep | 
|---|
|  | 15 | --- bzip2-1.0.3/bzgrep  2004-10-09 12:29:32.000000000 +0100 | 
|---|
|  | 16 | +++ bzip2-1.0.3-new/bzgrep      2005-08-09 21:36:37.000000000 +0100 | 
|---|
|  | 17 | @@ -1,4 +1,4 @@ | 
|---|
|  | 18 | -#!/bin/sh | 
|---|
|  | 19 | +#!/bin/bash | 
|---|
|  | 20 |  | 
|---|
|  | 21 | # Bzgrep wrapped for bzip2, | 
|---|
|  | 22 | # adapted from zgrep by Philippe Troin <phil@fifi.org> for Debian GNU/Linux. | 
|---|
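Review bot: the interpreter change from `#!/bin/sh` to `#!/bin/bash` is required by the `${var//pattern/replacement}` substitutions added later in this patch, which are a bash extension and not POSIX sh, but nothing in the file records that dependency. The header comment that follows (lines 21-22, "Bzgrep wrapped for bzip2, adapted from zgrep by Philippe Troin") still reads as a plain sh script, so a later maintainer could reasonably "fix" the shebang back to /bin/sh and silently reintroduce the unsanitised `sed` invocation. Suggest adding a comment line under the header, e.g. `# Requires bash: filename escaping below uses ${var//pat/rep}.`, so the reason for the interpreter choice travels with the script.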
|  | 23 | @@ -63,7 +63,11 @@ | 
|---|
|  | 24 | bzip2 -cdfq "$i" | $grep $opt "$pat" | 
|---|
|  | 25 | r=$? | 
|---|
|  | 26 | else | 
|---|
|  | 27 | -    bzip2 -cdfq "$i" | $grep $opt "$pat" | sed "s|^|${i}:|" | 
|---|
|  | 28 | +    j=${i//\\/\\\\} | 
|---|
|  | 29 | +    j=${j//|/\\|} | 
|---|
|  | 30 | +    j=${j//&/\\&} | 
|---|
|  | 31 | +    j=`printf "%s" "$j" | tr '\n' ' '` | 
|---|
|  | 32 | +    bzip2 -cdfq "$i" | $grep $opt "$pat" | sed "s|^|${j}:|" | 
|---|
|  | 33 | r=$? | 
|---|
|  | 34 | fi | 
|---|
|  | 35 | test "$r" -ne 0 && res="$r" | 
|---|
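Review bot: the order of the four substitutions is load-bearing and deserves a comment, because reordering them would break the escaping. Backslashes must be doubled first (`j=${i//\\/\\\\}`); if `|` or `&` were escaped before that, the backslashes introduced for them would themselves be doubled on the next step and the `sed` replacement text would no longer match the original filename. The set of characters handled matches what is special in a `sed` `s` replacement with `|` as delimiter: `\` (escape and backreference introducer), `&` (whole match), the delimiter itself, and newline (an unterminated `s` command). Using `printf "%s"` rather than `echo` is the right call here since `$j` now contains backslashes that some `echo` implementations would interpret. Two small points: the `tr '\n' ' '` step means `$j` is no longer byte-identical to the filename for names containing newlines, which is acceptable for a display prefix but worth a one-line comment so nobody later tries to reuse `$j` as a path; and since the script is now bash-only, the backtick/`tr` pipeline could be replaced by the equivalent in-process substitution `j=${j//$'\n'/ }`, saving a fork per file and keeping all four escapes in the same style.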
       
      