Bug#407738: unintended shell glob expansion in /lib/udev/write_cd_rules

Sat, 20 Jan 2007 13:58:40 -0800 

Package: udev
Version: 0.103-2
Severity: important


In the script /lib/udev/write_cd_rules, the first argument to
find_next_available is used unprotected from the shell. Since its
argument is a regular expression that is also a valid shell glob, the
existence of filenames matching the glob pattern can break the
detection of existing CD-ROM device names, and result in overwriting
them in new persistent rules.

I have folders in the root directory I use for CD-ROM mount points:
/cdrom, /cdrom1, etc. Since these match the regexp passed to
find_next_available (cdrom[0-9]*), that pattern is glob-expanded,
causing find_next_available to fail. One solution is to wrap the
glob-expanding call in set -f/set +f, which does not glob expand $1.

Here is a patch that solves the problem on my system:

--- write_cd_rules.orig 2007-01-07 17:42:15.000000000 -0800
+++ write_cd_rules      2007-01-20 12:34:36.000000000 -0800
@@ -17,7 +17,9 @@
 
 ##############################################################################
 find_next_available() {
+  set -f
   raw_find_next_available "$(find_all_rules 'SYMLINK+=' $1)"
+  set +f
 }
 
 write_rule() {


-- Package-specific info:
-- /etc/udev/rules.d/:
/etc/udev/rules.d/:
total 8
lrwxrwxrwx 1 root root   20 2006-07-03 20:07 020_permissions.rules -> 
../permissions.rules
lrwxrwxrwx 1 root root   19 2006-07-04 08:06 025_libgphoto2.rules -> 
../libgphoto2.rules
lrwxrwxrwx 1 root root   16 2007-01-10 23:42 025_libsane.rules -> 
../libsane.rules
lrwxrwxrwx 1 root root   22 2006-07-04 08:06 025_logitechmouse.rules -> 
../logitechmouse.rules
lrwxrwxrwx 1 root root   15 2006-07-03 20:07 85-pcmcia.rules -> ../pcmcia.rules
lrwxrwxrwx 1 root root   15 2006-08-24 03:21 libnjb.rules -> ../libnjb.rules
lrwxrwxrwx 1 root root   14 2006-09-13 23:47 local.rules -> ../local.rules
lrwxrwxrwx 1 root root   13 2006-07-03 20:07 udev.rules -> ../udev.rules
lrwxrwxrwx 1 root root   25 2006-07-03 20:07 z20_persistent-input.rules -> 
../persistent-input.rules
lrwxrwxrwx 1 root root   19 2006-07-03 20:07 z20_persistent.rules -> 
../persistent.rules
-rw-r--r-- 1 root root 1032 2007-01-20 12:35 z25_persistent-cd.rules
-rw-r--r-- 1 root root  976 2006-12-22 23:32 z25_persistent-net.rules
lrwxrwxrwx 1 root root   33 2006-07-03 20:07 z45_persistent-net-generator.rules 
-> ../persistent-net-generator.rules
lrwxrwxrwx 1 root root   12 2006-07-03 20:07 z50_run.rules -> ../run.rules
lrwxrwxrwx 1 root root   16 2006-07-03 20:07 z55_hotplug.rules -> 
../hotplug.rules
lrwxrwxrwx 1 root root   19 2006-07-03 20:35 z60_alsa-utils.rules -> 
../alsa-utils.rules
lrwxrwxrwx 1 root root   15 2006-07-03 22:51 z60_hdparm.rules -> ../hdparm.rules
lrwxrwxrwx 1 root root   33 2006-07-03 20:33 z60_xserver-xorg-input-wacom.rules 
-> ../xserver-xorg-input-wacom.rules
lrwxrwxrwx 1 root root   29 2006-07-03 20:07 z75_cd-aliases-generator.rules -> 
../cd-aliases-generator.rules
lrwxrwxrwx 1 root root   12 2007-01-18 21:24 z99_hal.rules -> ../hal.rules

-- /sys/:
/sys/block/hda/dev
/sys/block/hda/hda1/dev
/sys/block/hda/hda2/dev
/sys/block/hdc/dev
/sys/block/ram0/dev
/sys/block/ram10/dev
/sys/block/ram11/dev
/sys/block/ram12/dev
/sys/block/ram13/dev
/sys/block/ram14/dev
/sys/block/ram15/dev
/sys/block/ram1/dev
/sys/block/ram2/dev
/sys/block/ram3/dev
/sys/block/ram4/dev
/sys/block/ram5/dev
/sys/block/ram6/dev
/sys/block/ram7/dev
/sys/block/ram8/dev
/sys/block/ram9/dev
/sys/block/sr0/dev
/sys/class/drm/card0/dev
/sys/class/graphics/fb0/dev
/sys/class/input/input0/event0/dev
/sys/class/input/input1/event1/dev
/sys/class/input/input2/event2/dev
/sys/class/input/input2/mouse0/dev
/sys/class/input/mice/dev
/sys/class/misc/agpgart/dev
/sys/class/misc/device-mapper/dev
/sys/class/misc/hpet/dev
/sys/class/misc/psaux/dev
/sys/class/misc/rtc/dev
/sys/class/misc/snapshot/dev
/sys/class/misc/vboxdrv/dev
/sys/class/ppdev/parport0/dev
/sys/class/printer/lp0/dev
/sys/class/scsi_generic/sg0/dev
/sys/class/sound/adsp/dev
/sys/class/sound/audio1/dev
/sys/class/sound/audio/dev
/sys/class/sound/controlC0/dev
/sys/class/sound/controlC1/dev
/sys/class/sound/dsp1/dev
/sys/class/sound/dsp/dev
/sys/class/sound/mixer1/dev
/sys/class/sound/mixer/dev
/sys/class/sound/pcmC0D0c/dev
/sys/class/sound/pcmC0D0p/dev
/sys/class/sound/pcmC0D1c/dev
/sys/class/sound/pcmC1D0c/dev
/sys/class/sound/pcmC1D0p/dev
/sys/class/sound/timer/dev
/sys/class/usb_device/usbdev1.1/dev
/sys/class/usb_device/usbdev2.1/dev
/sys/class/usb_device/usbdev3.1/dev
/sys/class/usb_device/usbdev4.1/dev
/sys/class/usb_device/usbdev5.1/dev
/sys/class/usb_device/usbdev6.16/dev
/sys/class/usb_device/usbdev6.1/dev
/sys/devices/pci0000:00/0000:00:1d.0/usb1/1-0:1.0/usbdev1.1_ep81/dev
/sys/devices/pci0000:00/0000:00:1d.0/usb1/usbdev1.1_ep00/dev
/sys/devices/pci0000:00/0000:00:1d.1/usb2/2-0:1.0/usbdev2.1_ep81/dev
/sys/devices/pci0000:00/0000:00:1d.1/usb2/usbdev2.1_ep00/dev
/sys/devices/pci0000:00/0000:00:1d.2/usb3/3-0:1.0/usbdev3.1_ep81/dev
/sys/devices/pci0000:00/0000:00:1d.2/usb3/usbdev3.1_ep00/dev
/sys/devices/pci0000:00/0000:00:1e.0/0000:02:00.0/0000:03:00.0/usb4/4-0:1.0/usbdev4.1_ep81/dev
/sys/devices/pci0000:00/0000:00:1e.0/0000:02:00.0/0000:03:00.0/usb4/usbdev4.1_ep00/dev
/sys/devices/pci0000:00/0000:00:1e.0/0000:02:00.0/0000:03:00.1/usb5/5-0:1.0/usbdev5.1_ep81/dev
/sys/devices/pci0000:00/0000:00:1e.0/0000:02:00.0/0000:03:00.1/usb5/usbdev5.1_ep00/dev
/sys/devices/pci0000:00/0000:00:1e.0/0000:02:00.0/0000:03:00.2/usb6/6-0:1.0/usbdev6.1_ep81/dev
/sys/devices/pci0000:00/0000:00:1e.0/0000:02:00.0/0000:03:00.2/usb6/6-1/6-1:1.0/usbdev6.16_ep02/dev
/sys/devices/pci0000:00/0000:00:1e.0/0000:02:00.0/0000:03:00.2/usb6/6-1/6-1:1.0/usbdev6.16_ep86/dev
/sys/devices/pci0000:00/0000:00:1e.0/0000:02:00.0/0000:03:00.2/usb6/6-1/usbdev6.16_ep00/dev
/sys/devices/pci0000:00/0000:00:1e.0/0000:02:00.0/0000:03:00.2/usb6/usbdev6.1_ep00/dev

-- Kernel configuration:


-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.19.2
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages udev depends on:
ii  debconf [debconf-2.0]       1.5.11       Debian configuration management sy
ii  libc6                       2.3.6.ds1-10 GNU C Library: Shared libraries
ii  libselinux1                 1.32-3       SELinux shared libraries
ii  libvolume-id0               0.103-2      libvolume_id shared library
ii  lsb-base                    3.1-22       Linux Standard Base 3.1 init scrip

udev recommends no packages.

-- debconf information excluded


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to