*** This bug is a security vulnerability ***
Public security bug reported:
I have tested it on a brand new Ubuntu 18.04 amd64 system, then install the
ipset package
when I type "ipset " and press tab to trigger bash auto completion,
it returns "-bash: syntax error near unexpected token `;;'".
ipset version: ipset v6.34, protocol version: 6
here is the full log, and I can see it fail when excuting eval
_ipset_known_hosts()
+ local cur prev cword words ips_version
+ local str_action str_setname str_type str_filename
+ local str_glob str_regex str_prefix str_suffix
+ local str_tmp= str_var=
+ local str_timeout=timeout 'str_order=before after' str_forceadd=
+ local str_counters= str_bp_counters= str_comment= str_markmask=
+ local str_skbinfo= str_skbflags=
+ local -i i=x=y=0
+ local -i got_bashcompl=got_action=action_index=order_index=set_has_timeout=0
+ local -i got_bp_proto=0
+ local -i ignore_errors=use_file=names_only=headers_only=save_format=res_sort=0
+ arr_sets=()
+ arr_types=()
+ arr_members=()
+ arr_unknown_opts=()
+ local arr_sets arr_types arr_members arr_unknown_opts
+ arr_dupe_cmd_opts=()
+ arr_used_opts=()
+ arr_tmp=()
+ local arr_dupe_cmd_opts arr_used_opts arr_tmp
+ arr_opts=("-! -exist" "-o -output" "-q -quiet" "-r -resolve" "-s -sorted" "-n
-name" "-t -terse" "-f -file")
+ local arr_opts
+ arr_icmp_types=(echo-reply pong network-unreachable host-unreachable
protocol-
unreachable port-unreachable fragmentation-needed source-route-failed
network-un
known host-unknown network-prohibited host-prohibited
TOS-network-unreachable TO
S-host-unreachable communication-prohibited
host-precedence-violation precedence
-cutoff source-quench network-redirect
host-redirect TOS-network-redirect TOS-ho
st-redirect echo-request ping
router-advertisement router-solicitation ttl-zero-
during-transit
ttl-zero-during-reassembly ip-header-bad required-option-missing
timestamp-request
timestamp-reply address-mask-request address-mask-reply)
+ local arr_icmp_types
+ arr_icmp6_types=(no-route communication-prohibited address-unreachable
port-un
reachable packet-too-big ttl-zero-during-transit ttl-zero-during-reassembly
bad-
header unknown-header-type unknown-option echo-request ping echo-reply pong
rout
er-solicitation router-advertisement neighbour-solicitation
neigbour-solicitatio
n neighbour-advertisement neigbour-advertisement redirect)
+ local arr_icmp6_types
+ (( 4 < 4 ))
+ COMPREPLY=()
++ ipset version
+ ips_version='ipset v6.34, protocol version: 6'
+ ips_version='6.34, protocol version: 6'
+ ips_version=6.34
+ read -a ips_version
+ [[ 6 = +([[:digit:]]) ]]
+ (( ips_version[0] < 6 ))
+ (( ips_version[0] > 6 ))
+ (( ips_version[0] == 6 ))
+ (( ips_version[1] >= 22 ))
+ str_comment=comment
+ str_markmask=markmask
+ str_forceadd=forceadd
+ str_skbinfo=skbinfo
+ str_skbflags='skbmark skbprio skbqueue'
+ got_bp_proto=1
+ declare -f _get_comp_words_by_ref
+ got_bashcompl=1
+ _get_comp_words_by_ref -n : cur prev cword words
+ local exclude flag i OPTIND=1
+ words=()
+ local cur cword words
+ upargs=()
+ upvars=()
+ local upargs upvars vcur vcword vprev vwords
+ getopts c:i:n:p:w: flag -n : cur prev cword words
+ case $flag in
+ exclude=:
+ getopts c:i:n:p:w: flag -n : cur prev cword words
+ [[ 6 -ge 3 ]]
+ case ${!OPTIND} in
+ vcur=cur
+ let 'OPTIND += 1'
+ [[ 6 -ge 4 ]]
+ case ${!OPTIND} in
+ vprev=prev
+ let 'OPTIND += 1'
+ [[ 6 -ge 5 ]]
+ case ${!OPTIND} in
+ vcword=cword
+ let 'OPTIND += 1'
+ [[ 6 -ge 6 ]]
+ case ${!OPTIND} in
+ vwords=words
+ let 'OPTIND += 1'
+ [[ 6 -ge 7 ]]
+ __get_cword_at_cursor_by_ref : words cword cur
+ words=()
+ local cword words
+ __reassemble_comp_words_by_ref : words cword
+ local exclude i j line ref
+ [[ -n : ]]
+ exclude=:
+ printf -v cword %s 1
+ [[ -n : ]]
+ line='ipset '
+ (( i=0, j=0 ))
+ (( i < 2 ))
+ [[ 0 -gt 0 ]]
+ ref='words[0]'
+ printf -v 'words[0]' %s ipset
+ line=' '
+ [[ 0 == 1 ]]
+ (( i++, j++ ))
+ (( i < 2 ))
+ [[ 1 -gt 0 ]]
+ [[ '' == +([:]) ]]
+ ref='words[1]'
+ printf -v 'words[1]' %s ''
+ line=' '
+ [[ 1 == 1 ]]
+ printf -v cword %s 1
+ (( i++, j++ ))
+ (( i < 2 ))
+ [[ 2 == 1 ]]
+ local i cur index=6 'lead=ipset '
+ [[ 6 -gt 0 ]]
+ [[ -n ipset ]]
+ [[ -n ipset ]]
+ cur='ipset '
+ (( i = 0 ))
+ (( i <= cword ))
+ [[ 6 -ge 5 ]]
+ [[ ipset != \i\p\s\e\t ]]
+ [[ 0 -lt 1 ]]
+ local old_size=6
+ cur=' '
+ local new_size=1
+ index=1
+ (( ++i ))
+ (( i <= cword ))
+ [[ 1 -ge 0 ]]
+ [[ '' != '' ]]
+ [[ 1 -lt 1 ]]
+ (( ++i ))
+ (( i <= cword ))
+ [[ -n ]]
+ [[ ! -n '' ]]
+ cur=
+ [[ 1 -lt 0 ]]
+ local words cword cur
+ _upvars -a2 words ipset '' -v cword 1 -v cur ''
+ (( 10 ))
+ (( 10 ))
+ case $1 in
+ [[ -n 2 ]]
+ printf %d 2
+ [[ -n words ]]
+ unset -v words
+ eval 'words=("${@:3:2}")'
++ words=("${@:3:2}")
+ shift 4
+ (( 6 ))
+ case $1 in
+ [[ -n cword ]]
+ unset -v cword
+ eval 'cword="$3"'
++ cword=1
+ shift 3
+ (( 3 ))
+ case $1 in
+ [[ -n cur ]]
+ unset -v cur
+ eval 'cur="$3"'
++ cur=
+ shift 3
+ (( 0 ))
+ [[ -n cur ]]
+ upvars+=("$vcur")
+ upargs+=(-v $vcur "$cur")
+ [[ -n cword ]]
+ upvars+=("$vcword")
+ upargs+=(-v $vcword "$cword")
+ [[ -n prev ]]
+ [[ 1 -ge 1 ]]
+ upvars+=("$vprev")
+ upargs+=(-v $vprev "${words[cword - 1]}")
+ [[ -n words ]]
+ upvars+=("$vwords")
+ upargs+=(-a${#words[@]} $vwords "${words[@]}")
+ (( 4 ))
+ local cur cword prev words
+ _upvars -v cur '' -v cword 1 -v prev ipset -a2 words ipset ''
+ (( 13 ))
+ (( 13 ))
+ case $1 in
+ [[ -n cur ]]
+ unset -v cur
+ eval 'cur="$3"'
++ cur=
+ shift 3
+ (( 10 ))
+ case $1 in
+ [[ -n cword ]]
+ unset -v cword
+ eval 'cword="$3"'
++ cword=1
+ shift 3
+ (( 7 ))
+ case $1 in
+ [[ -n prev ]]
+ unset -v prev
+ eval 'prev="$3"'
++ prev=ipset
+ shift 3
+ (( 4 ))
+ case $1 in
+ [[ -n 2 ]]
+ printf %d 2
+ [[ -n words ]]
+ unset -v words
+ eval 'words=("${@:3:2}")'
++ words=("${@:3:2}")
+ shift 4
+ (( 0 ))
+ (( got_bashcompl ))
+ declare -F _ipset_known_hosts
++ grep --color=auto -Ev '^(\{|\})'
++ grep --color=auto -Ev '^_known_hosts_real.*$'
++ grep --color=auto -v __ltrim_colon_completions
++ declare -f _known_hosts_real
+ eval '_ipset_known_hosts() { ' local configfile flag 'prefix;' local cur curd
awkcur user suffix aliases i host ipv4 'ipv6;' local -a kh khd 'config;' local
'
OPTIND=1;' while getopts '"ac46F:p:"' flag '"$@";' do case '$flag' in 'a)'
'alia
ses='\''yes'\''' ';;' 'c)' 'suffix='\'':'\''' ';;' 'F)' 'configfile=$OPTARG'
';;
' 'p)' 'prefix=$OPTARG' ';;' '4)' ipv4=1 ';;' '6)' ipv6=1 ';;' 'esac;' 'done;'
'
[[' '$#' -lt '$OPTIND' ']]' '&&' echo '"error:' '$FUNCNAME:' missing mandatory
a
rgument 'CWORD";' 'cur=${!OPTIND};' let '"OPTIND' += '1";' '[[' '$#' -ge
'$OPTIN
D' ']]' '&&' echo '"error:' '$FUNCNAME("$@"):' unprocessed 'arguments:"'
'$(whil
e' '[[' '$#' -ge '$OPTIND' ']];' do printf ''\''%s\n'\''' '${!OPTIND};'
'shift;'
'done);' '[[' '$cur' == '*@*' ']]' '&&' 'user=${cur%@*}@' '&&'
'cur=${cur#*@};'
'kh=();' if '[[' -n '$configfile' ']];' then '[[' -r
'$configfile' ']]' '&&' 'c
onfig+=("$configfile");' else for i in
/etc/ssh/ssh_config '~/.ssh/config' '~/.s
sh2/config;' do '[[' -r '$i' ']]' '&&'
'config+=("$i");' 'done;' 'fi;' for i in
'"${config[@]}";' do
_included_ssh_config_files '"$i";' 'done;' if '[[' '${#conf
ig[@]}' -gt 0 ']];'
then local 'OIFS=$IFS' 'IFS='\''' \' 'j;' local -a 'tmpkh;'
'tmpkh=($(' awk
''\''sub("^[' '\t]*([Gg][Ll][Oo][Bb][Aa][Ll]|[Uu][Ss][Ee][Rr])[K
k][Nn][Oo][Ww][Nn][Hh][Oo][Ss][Tt][Ss][Ff][Ii][Ll][Ee][' '\t]+",' '"")' '{'
prin
t '$0' '}'\''' '"${config[@]}"' '|' sort -u '));' 'IFS=$OIFS;' for i in
'"${tmpk
h[@]}";' do while '[[' '$i' '=~' '^([^\"]*)\"([^\"]*)\"(.*)$' ']];' do
'i=${BASH
_REMATCH[1]}${BASH_REMATCH[3]};' 'j=${BASH_REMATCH[2]};'
__expand_tilde_by_ref '
j;' '[[' -r '$j' ']]' '&&' 'kh+=("$j");' 'done;' for j in
'$i;' do __expand_tild
e_by_ref 'j;' '[[' -r '$j' ']]' '&&' 'kh+=("$j");' 'done;'
'done;' 'fi;' if '[['
-z '$configfile' ']];' then for i in
/etc/ssh/ssh_known_hosts /etc/ssh/ssh_know
n_hosts2 /etc/known_hosts
/etc/known_hosts2 '~/.ssh/known_hosts' '~/.ssh/known_h
osts2;' do '[[' -r '$i' ']]'
'&&' 'kh+=("$i");' 'done;' for i in /etc/ssh2/known
hosts '~/.ssh2/hostkeys;' do
'[[' -d '$i' ']]' '&&' 'khd+=("$i"/*pub);' 'done;'
'fi;' if '[[' '${#kh[@]}' -gt 0
'||' '${#khd[@]}' -gt 0 ']];' then 'awkcur=${cur
//\//\\\/};'
'awkcur=${awkcur//\./\\\.};' 'curd=$awkcur;' if '[[' '"$awkcur"' ==
'[0-9]*[.:]*'
']];' then 'awkcur="^$awkcur[.:]*";' else if '[[' '"$awkcur"' ==
'[0-9]*' ']];'
then 'awkcur="^$awkcur.*[.:]";' else if '[[' -z '$awkcur' ']];' t
hen
'awkcur="[a-z.:]";' else 'awkcur="^$awkcur";' 'fi;' 'fi;' 'fi;' if '[[' '${#
kh[@]}' -gt 0 ']];' then 'COMPREPLY+=($(' awk ''\''BEGIN' '{FS=","}'
'/^\s*[^|\#
]/' '{' 'sub("^@[^' ']+' '+",' '"");' '\' 'sub("' '.*$",' '"");' '\'
for '(i=1;'
'i<=NF;' '++i)' '{' '\' 'sub("^\\[",' '"",' '$i);'
'sub("\\](:[0-9]+)?$",' '"",
' '$i);' '\' if '($i' '!~' '/[*?]/' '&&' '$i' '~'
'/'\''"$awkcur"'\''/)' '{print
' '$i}' '\' '}}'\''' '"${kh[@]}"' '2>/dev/null'
'));' 'fi;' if '[[' '${#khd[@]}'
-gt 0 ']];' then for i in '"${khd[@]}";' do if
'[[' '"$i"' == '*key_22_$curd*.p
ub' '&&' -r '"$i"' ']];' then
'host=${i/#*key_22_/};' 'host=${host/%.pub/};' 'CO
MPREPLY+=($host);' 'fi;' 'done;'
'fi;' for '((i=0;' i '<' '${#COMPREPLY[@]};' i+
+ '))' do
'COMPREPLY[i]=$prefix$user${COMPREPLY[i]}$suffix;' 'done;' 'fi;' if '[
['
'${#config[@]}' -gt 0 '&&' -n '"$aliases"' ']];' then local 'hosts=$(' comman
d sed
-ne ''\''s/^[[:blank:]]*[Hh][Oo][Ss][Tt][[:blank:]]\{1,\}\([^#*?%]*\)\(#.*
\)\{0,1\}$/\1/p'\''' '"${config[@]}"' ');' 'COMPREPLY+=($(' compgen -P
'"$prefix
$user"' -S '"$suffix"' -W '"$hosts"' -- '"$cur"' '));' 'fi;'
'COMPREPLY+=($(' co
mpgen -W '"$(' ruptime '2>/dev/null' '|' awk ''\''!/^ruptime:/'
'{' print '$1' '
}'\''' ')"' -- '"$cur"' '));' if '[[' -n
'${COMP_KNOWN_HOSTS_WITH_HOSTFILE-1}' '
]];' then 'COMPREPLY+=($(' compgen -A
hostname -P '"$prefix$user"' -S '"$suffix"
' -- '"$cur"' '));' 'fi;' if '[[' -n
'$ipv4' ']];' then 'COMPREPLY=("${COMPREPLY
[@]/*:*$suffix/}");' 'fi;' if '[[' -n
'$ipv6' ']];' then 'COMPREPLY=("${COMPREPL
Y[@]/+([0-9]).+([0-9]).+([0-9]).+([0-9])$suffix/}");' 'fi;' if '[[' -n '$ipv4'
'
||' -n '$ipv6' ']];' then for i in '${!COMPREPLY[@]};' do '[[' -n
'${COMPREPLY[i
]}' ']]' '||' unset -v 'COMPREPLY[i];' 'done;' 'fi;; }'
-bash: syntax error near unexpected token `;;'
+ [[ -n '' ]]
+ (( i=1 ))
+ (( i < 2-1 ))
+ [[ -n '' ]]
+ (( names_only && headers_only ))
+ (( names_only || headers_only ))
+ (( ignore_errors ))
+ [[ '' == \$\(* ]]
+ [[ '' == \$\{* ]]
+ [[ '' == \$* ]]
+ case "$prev" in
+ (( got_action ))
+ [[ ipset = - ]]
+ [[ '' = -* ]]
+ (( save_format || names_only || headers_only ))
+ (( res_sort ))
+ (( ignore_errors && use_file ))
+ (( ignore_errors ))
+ (( use_file ))
+ COMPREPLY=($( compgen -W 'create n add del test destroy x list save \
restore flush rename e swap w help version' -- "$cur" ))
++ compgen -W 'create n add del test destroy x list save \
restore flush rename e swap w help version' -- ''
+ [[ -n '' ]]
** Affects: ipset (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1828707
Title:
ipset bash auto complete error on ubuntu 18.04
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipset/+bug/1828707/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
