On 29 August 2013 19:45, Glenn Fowler <[email protected]> wrote:
> 13-08-25 path/pathcanon.c: finalize //@// extended/hidden attribute namespace
> *for testing*
Didn't we had the discussion that this is inherently unsafe?
If you build a path using variables from different sources you sooner
or later have leading or trailing slashes coming from many sources,
let or it users or config files, and no one sanitises paths. Not even
the Solaris or Linux kernels do that for system messages.
For example:
PATH1='/var/run/'
CONFIGDIR='appconfig/'
LOCK='/@/' # use leading and trailing / to force @ being a directory
SUBLOCKFILE='/run1982'
${PATH1}/${CONFIGDIR}/${LOCK}/${SUBLOCKFILE} will then be
/var/run//appconfig///@///run1982
Quick grep over /var/log/messages with grep -F '///' /var/log/messages
| wc -l returns 419
Please rip that out. It'll never pass *any* security code review.
Lionel
_______________________________________________
ast-developers mailing list
[email protected]
http://lists.research.att.com/mailman/listinfo/ast-developers
