diff options
Diffstat (limited to 'dev-util/oprofile/files/oprofile-0.9.6-Avoid-blindly-source-SETUP_FILE-with.patch')
-rw-r--r-- | dev-util/oprofile/files/oprofile-0.9.6-Avoid-blindly-source-SETUP_FILE-with.patch | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/dev-util/oprofile/files/oprofile-0.9.6-Avoid-blindly-source-SETUP_FILE-with.patch b/dev-util/oprofile/files/oprofile-0.9.6-Avoid-blindly-source-SETUP_FILE-with.patch new file mode 100644 index 000000000000..1892cc3e007a --- /dev/null +++ b/dev-util/oprofile/files/oprofile-0.9.6-Avoid-blindly-source-SETUP_FILE-with.patch @@ -0,0 +1,46 @@ +commit f427df4ed4b2ec540d496abc4afa984b2dd677b4 +Author: William Cohen <wcohen@redhat.com> +Date: Thu Jun 2 09:44:38 2011 -0400 + + Avoid blindly source $SETUP_FILE with '.' (PR3303383) + + There could be arbitrary commands in the $SETUP_FILE. The '.' command + would blindly execute them. This change limits do_load_setup to only + assigning values to variables. + +diff --git a/utils/opcontrol b/utils/opcontrol +index cdff19f..b981427 100644 +--- a/utils/opcontrol ++++ b/utils/opcontrol +@@ -496,12 +496,25 @@ do_load_setup() + || mv "$SEC_SETUP_FILE" "$SETUP_FILE" + fi + +- if test -f "$SETUP_FILE"; then +- # load the actual information from file +- # FIXME this is insecure, arbitrary commands could be added to +- # $SETUP_FILE and be executed as root +- . $SETUP_FILE +- fi ++ if test ! -f "$SETUP_FILE"; then return; fi ++ ++ while IFS== read -r arg val; do ++ case "$arg" in ++ # The following catches anything that is not ++ # 0-9, a-z, A-Z, or an '_' ++ *[![:alnum:]_]*) ++ echo "Invalid variable \"$arg\" in $SETUP_FILE." ++ exit 1;; ++ esac ++ case "$val" in ++ # The following catches anything that is not ++ # 0-9, a-z, A-Z, an '-', ':', ',', '.', or '/' ++ *[!-[:alnum:]_:,./]*) ++ echo "Invalid value \"$val\" for $arg in $SETUP_FILE." ++ exit 1;; ++ esac ++ eval "${arg}=${val}" ++ done < $SETUP_FILE + } + + |