On Wed, Sep 24, 2014 at 11:15 PM, Rainer Jung <rainer.j...@kippdata.de> wrote:
> A workaround like
>
> --- server/util_script.c.orig   2013-09-14 14:12:54.000000000 +0000
> +++ server/util_script.c        2014-09-24 20:35:54.952054361 +0000
> @@ -128,6 +128,12 @@
>              }
>              ++whack;
>          }
> +        /* Sanitize leading "()" because of CVE-2014-6271 bash exploit */
> +        whack++;
> +        if (*whack++ == '(' && *whack == ')') {

Don't you mean if (*++whack == '(' && *++whack == ')') instead of the
2 lines above?
Otherwise the post-incrementation won't be done before the second
condition, and the test will always be false.

> +            *whack-- = '_';
> +            *whack = '_';
> +        }
>          ++j;
>      }
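
Review bot: On the `if (*whack++ == '(' && *whack == ')')` line, the test relies on a post-increment side effect inside the condition, which makes the pointer position hard to follow into the `*whack-- = '_';` and `*whack = '_';` stores that come after it. In C, `&&` is a sequence point, so the increment is complete before `*whack == ')'` is evaluated, but the intent would be clearer with no side effects in the condition: keep the standalone `whack++;`, then test `whack[0] == '(' && whack[1] == ')'` and assign `whack[0] = whack[1] = '_';`. The comment could also state that only a value beginning with exactly "()" is rewritten, so the scope of the workaround is clear to later readers.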

Regards,
Yann.
