On Wed, Sep 24, 2014 at 11:15 PM, Rainer Jung <[email protected]> wrote:
> A workaround like
>
> --- server/util_script.c.orig 2013-09-14 14:12:54.000000000 +0000
> +++ server/util_script.c 2014-09-24 20:35:54.952054361 +0000
> @@ -128,6 +128,12 @@
> }
> ++whack;
> }
> + /* Sanitize leading "()" because of CVE-2014-6271 bash exploit */
> + whack++;
> + if (*whack++ == '(' && *whack == ')') {
Don't you mean if (*++whack == '(' && *++whack == ')') instead of the
2 lines above?
Otherwise the post incrementation won't be done before the second
condition, and the test will always be false.
> + *whack-- = '_';
> + *whack = '_';
> + }
> ++j;
> }
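Review bot: the added condition `*whack++ == '(' && *whack == ')'` moves the pointer inside the test and the body then walks it back with `*whack-- = '_'`, which makes the check hard to verify by reading. In C the `&&` operator is a sequence point, so the post-increment on the left is complete before the right operand is evaluated and the second test does look at the next character, but a reader should not have to work that out. After the first `whack++`, comparing `whack[0] == '('` and `whack[1] == ')'` and assigning `'_'` to both by index would do the same thing without side effects in the condition; short-circuit evaluation still keeps `whack[1]` from being read when the first character is the terminating NUL. The new lines also mix `whack++` with the `++whack` form used in the surrounding context, and the comment could say that only a "()" at the very start of the value is rewritten.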
Regards,
Yann.