Your message dated Wed, 12 Oct 2016 22:24:07 +0000
with message-id <e1burwv-0002s8...@franck.debian.org>
and subject line Bug#802203: fixed in gcl 2.6.12-40
has caused the Debian Bug report #802203,
regarding gcl: popen arguments not quoted causes trouble and security issues
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
802203: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802203
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gcl
Version: 2.6.12-1
Severity: important
Tags: patch

Dear Maintainer,

When using gcl I noticed (DIRECTORY #P"/;rm -rf ~;") did what it says
because the arguments to a popen call weren't quoted. I've included a
patch which quotes the arguments for all cases of popen. I think it would
be better to rewrite these popen calls to native C code instead.

I haven't reported it upstream yet since account creation takes ages for their
bugtracker.

Kind regards,

Axel

---8<--- popen patch: ---8<---

diff -urN gcl_2.6.12_orig/o/alloc.c gcl-2.6.12/o/alloc.c
--- gcl_2.6.12_orig/o/alloc.c   2014-10-23 23:29:00.000000000 +0200
+++ gcl-2.6.12/o/alloc.c        2015-10-18 11:33:02.509804519 +0200
@@ -1466,7 +1466,7 @@
   if (chdir(P_tmpdir))
     FEerror("Cannot change directory to tmpdir", 0);
   _mcleanup();
-  if (snprintf(b1,sizeof(b1),"gprof %s",kcl_self)<=0)
+  if (snprintf(b1,sizeof(b1),"gprof '%s'",kcl_self)<=0)
     FEerror("Cannot write gprof command line", 0);
   if (!(pp=popen(b1,"r")))
     FEerror("Cannot open gprof pipe", 0);
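
Review bot: On the changed snprintf line, wrapping kcl_self in single quotes does not cover a path that itself contains a single quote: that character closes the quoted word and the rest of the string is parsed by the shell popen starts. Escape each embedded ' as '\'' before formatting, or run gprof through fork/execvp so no shell is involved. The `<=0` test on the same line also misses truncation; snprintf returns the length it needed, so the result should be compared against sizeof(b1) as well.
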
diff -urN gcl_2.6.12_orig/o/unexec-19.29.c gcl-2.6.12/o/unexec-19.29.c
--- gcl_2.6.12_orig/o/unexec-19.29.c    2014-10-23 23:29:00.000000000 +0200
+++ gcl-2.6.12/o/unexec-19.29.c 2015-10-18 11:31:49.908324174 +0200
@@ -936,7 +936,7 @@
    
 
     /* The use of _execname is incompatible with RISCiX 1.1 */
-    sprintf (command, "nm %s | fgrep mcount", _execname);
+    sprintf (command, "nm '%s' | fgrep mcount", _execname);
 
     if ( (pfile = popen(command, "r")) == NULL)
     {
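
Review bot: The changed line still formats into command with an unbounded sprintf, and the two added quote characters make the string longer than before. Switch to snprintf with the size of command and fail when the result does not fit. As in the alloc.c hunk, a single quote inside _execname ends the quoted word, so the value needs its embedded quotes escaped before it is placed between '...'.
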
diff -urN gcl_2.6.12_orig/o/unexec.c gcl-2.6.12/o/unexec.c
--- gcl_2.6.12_orig/o/unexec.c  2014-10-23 23:29:00.000000000 +0200
+++ gcl-2.6.12/o/unexec.c       2015-10-18 11:31:31.883918663 +0200
@@ -937,7 +937,7 @@
    
 
     /* The use of _execname is incompatible with RISCiX 1.1 */
-    sprintf (command, "nm %s | fgrep mcount", _execname);
+    sprintf (command, "nm '%s' | fgrep mcount", _execname);
 
     if ( (pfile = popen(command, "r")) == NULL)
     {
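
Review bot: A single quote inside _execname still breaks out of the '%s' added on the sprintf line, so this copy has the same gap as the identical line in unexec-19.29.c. Since both files build the same `nm ... | fgrep mcount` command, a shared quoting helper that escapes embedded quotes and bounds the write would keep the two copies from drifting apart.
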
diff -urN gcl_2.6.12_orig/o/unixfsys.c gcl-2.6.12/o/unixfsys.c
--- gcl_2.6.12_orig/o/unixfsys.c        2014-10-23 23:29:00.000000000 +0200
+++ gcl-2.6.12/o/unixfsys.c     2015-10-18 11:30:48.795030882 +0200
@@ -659,7 +659,7 @@
                strcat(filename, "*");
        } else
                coerce_to_filename(vs_base[0], filename);
-       sprintf(command, "ls -d %s 2> /dev/null", filename);
+       sprintf(command, "ls -d '%s' 2> /dev/null", filename);
        fp = popen(command, "r");
        setbuf(fp, iobuffer);
        for (;;) {
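
Review bot: Quoting the whole operand on the changed sprintf line also quotes the "*" that the strcat(filename, "*") branch above appends, so the shell no longer expands it and ls is asked for a file literally named with a trailing asterisk. Directory listings that depend on that wildcard need the pattern expanded another way, for example with glob(3) or opendir/readdir, which would also remove the shell from this path. Two smaller points in the same lines: a filename containing a single quote still escapes the quoting, and the result of popen is passed to setbuf without a NULL check.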

---8<--- end of popen patch ---8<---


-- System Information:
Debian Release: 8.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gcl depends on:
ii  debconf            1.5.56
ii  emacs24 [emacsen]  24.4+1-5
ii  gcc                4:4.9.2-2
ii  libc6              2.19-18+deb8u1
ii  libgmp10           2:6.0.0+dfsg-6
ii  libreadline6       6.3-8+b3
ii  libtcl8.6          8.6.2+dfsg-2
ii  libtk8.6           8.6.2-1
ii  libx11-6           2:1.6.2-3
ii  ucf                3.0030

gcl recommends no packages.

Versions of packages gcl suggests:
pn  gcl-doc  <none>

-- debconf information:
  gcl/default_gcl_ansi:
  gcl/default_gcl_prof:

--- End Message ---
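
The quoting the patch aims for, carried through for names that themselves contain a single quote, as an added example that is not part of the original report or of gcl. `shell_quote` and `build_ls_command` are hypothetical names, and the sample path is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not gcl code): write `in` to `out` as one POSIX-shell
 * single-quoted word. An embedded ' becomes '\'' (close, escaped quote,
 * reopen). Returns the length written, or -1 if `out` is too small. */
static int shell_quote(const char *in, char *out, size_t outsz)
{
    size_t n = 0;
    if (outsz < 3)
        return -1;
    out[n++] = '\'';
    for (; *in; in++) {
        size_t need = (*in == '\'') ? 4 : 1;
        if (n + need + 2 > outsz)       /* keep room for closing ' and NUL */
            return -1;
        if (*in == '\'') {
            memcpy(out + n, "'\\''", 4);
            n += 4;
        } else {
            out[n++] = *in;
        }
    }
    out[n++] = '\'';
    out[n] = '\0';
    return (int)n;
}

/* Hypothetical helper: build the `ls -d` command from the unixfsys.c hunk
 * with a fully quoted operand. `--` stops a leading '-' being read as an
 * option. Returns 0, or -1 if it does not fit (cmd must then not be used). */
static int build_ls_command(const char *filename, char *cmd, size_t cmdsz)
{
    char quoted[4096];
    int len;
    if (shell_quote(filename, quoted, sizeof quoted) < 0)
        return -1;
    len = snprintf(cmd, cmdsz, "ls -d -- %s 2> /dev/null", quoted);
    return (len < 0 || (size_t)len >= cmdsz) ? -1 : 0;
}

int main(void)
{
    char cmd[256];
    /* Constructed sample name containing a space and a single quote. */
    if (build_ls_command("/tmp/o'brien dir", cmd, sizeof cmd) == 0)
        puts(cmd);
    return 0;
}
```

Because the whole operand is quoted, a trailing `*` reaches ls literally; a caller that relies on wildcard expansion has to expand the pattern itself.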
--- Begin Message ---
Source: gcl
Source-Version: 2.6.12-40

We believe that the bug you reported is fixed in the latest version of
gcl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 802...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Camm Maguire <c...@debian.org> (supplier of updated gcl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


Format: 1.8
Date: Wed, 12 Oct 2016 18:09:26 +0000
Source: gcl
Binary: gcl gcl-doc
Architecture: source amd64 all
Version: 2.6.12-40
Distribution: unstable
Urgency: medium
Maintainer: Camm Maguire <c...@debian.org>
Changed-By: Camm Maguire <c...@debian.org>
Description:
 gcl        - GNU Common Lisp compiler
 gcl-doc    - Documentation for GNU Common Lisp
Closes: 802203
Changes:
 gcl (2.6.12-40) unstable; urgency=medium
 .
   * pathnames1.2
   * Bug fix: "popen arguments not quoted causes trouble and security
     issues", thanks to axel (Closes: #802203).


--- End Message ---
