alpine 3.6
shell weakness #24


Weakness Breakdown


A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:



The highlighted line of code below is the trigger point of this particular Alpine 3.6 shell weakness.

// --- library symbol lookup ---

// map from "libX" to full soname ""
#if defined(__linux__) || defined(__FreeBSD__)
static uv_rwlock_t soname_lock;
static std::map<std::string, std::string> sonameMap;
static bool got_sonames = false;

extern "C" void jl_init_runtime_ccall(void)

// This reloads the sonames, necessary after system upgrade.
// Keep this DLLEXPORTed, this is used by 'BinDeps.jl' to make sure
// newly installed libraries can be found.
extern "C" JL_DLLEXPORT void jl_read_sonames(void)
{
    char *line=NULL;
    size_t sz=0;
#if defined(__linux__)
    FILE *ldc = popen("/sbin/ldconfig -p", "r");
#else
    FILE *ldc = popen("/sbin/ldconfig -r", "r");
#endif
    if (ldc == NULL) return; // ignore errors in running ldconfig (other than whatever might have been printed to stderr)

    // This loop is not allowed to call julia GC while holding the lock
    while (!feof(ldc)) {
        ssize_t n = getline(&line, &sz, ldc);
        if (n == -1)
            break;
        if (n > 2 && isspace((unsigned char)line[0])) {
#ifdef __linux__
            int i = 0;
            while (isspace((unsigned char)line[++i])) ;
            char *name = &line[i];
            char *dot = strstr(name, ".so");
            i = 0;
#else
            char *name = strstr(line, ":-l");
            if (name == NULL) continue;
            strncpy(name, "lib", 3);
            char *dot = strchr(name, '.');
#endif

            if (NULL == dot)
