JehanneOS
/
mksh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

SECURITY: do not permit += from environment either 

this makes our environment filter/sanitisation complete
This commit is contained in:
tg 2014-10-03 17:20:03 +00:00
parent e239a8358a
commit de53d2df1c
1 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
var.c
View File

@ -28,7 +28,7 @@
#include <sys/sysctl.h> #include <sys/sysctl.h>
#endif #endif
__RCSID("$MirOS: src/bin/mksh/var.c,v 1.181 2014/09/03 19:22:51 tg Exp $"); __RCSID("$MirOS: src/bin/mksh/var.c,v 1.182 2014/10/03 17:20:03 tg Exp $");
/*- /*-
* Variables * Variables
@ -751,18 +751,18 @@ typeset(const char *var, uint32_t set, uint32_t clr, int field, int base)
} }
val += len; val += len;
} }
if (val[0] == '=' || (val[0] == '+' && val[1] == '=')) { if (val[0] == '=') {
strndupx(tvar, var, val - var, ATEMP); strndupx(tvar, var, val - var, ATEMP);
if (*val++ == '+') { ++val;
++val; } else if (set & IMPORT) {
vappend = true; /* environment invalid variable name or no assignment */
} return (NULL);
} else if ((val[0] != '\0') || (set & IMPORT)) { } else if (val[0] == '+' && val[1] == '=') {
/* strndupx(tvar, var, val - var, ATEMP);
* must have a = when setting a variable by importing val += 2;
* the original environment, otherwise be empty; we vappend = true;
* also end up here when a variable name was invalid } else if (val[0] != '\0') {
*/ /* other invalid variable names (not from environment) */
return (NULL); return (NULL);
} else { } else {
/* just varname with no value part nor equals sign */ /* just varname with no value part nor equals sign */