alpine 3.7
shell weakness #15


Weakness Breakdown


Definition:

A shell weakness occurs when a program hands a string to a command interpreter (shell) in a way that lets an attacker execute unexpected commands on the operating system.

Warning code(s):

This call causes a new program to execute and is difficult to use safely: `popen()` runs its command string through the shell (`sh -c`), so any shell metacharacters in that string are interpreted, and the caller must guarantee the string cannot be influenced by an attacker.

File Name:

gdbm/src/gdbm-1.13/src/gdbmtool.c

Context:

The trigger point of this particular Alpine 3.7 shell weakness is the `popen (pager, "w")` call in the code below, which passes the `pager` string to the shell. The excerpt does not show where `pager` is set, so whether this finding is exploitable depends on whether an untrusted party can control that value; that is the first thing to check when triaging it.

     {
      terror (_("%s: too many arguments"), cmd->name);
      return 1;
    }

  /* Prepare for calling the handler */
  param.argc = i;
  if (!param.argv)
    {
      argmax = ARGINC;
      param.argv = ecalloc (argmax, sizeof (param.argv[0]));
    }
  param.argv[i] = NULL;
  param.vararg = arg;
  param.fp = NULL;
  param.data = NULL;
  pagfp = NULL;
      
  expected_lines = 0;
  expected_lines_ptr = (interactive && pager) ? &expected_lines : NULL;
  if (!(cmd->begin && cmd->begin (&param, expected_lines_ptr)))
    {
      if (pager && expected_lines > get_screen_lines ())
	{
	  pagfp = popen (pager, "w");
	  if (pagfp)
	    param.fp = pagfp;
	  else
	    {
	      terror (_("cannot run pager '%s': %s"), pager,
			    strerror (errno));
	      pager = NULL;
	      param.fp = stdout;
	    }	  
	}
      else
	param.fp = stdout;
  
      cmd->handler (&param);
      if (cmd->end)
	cmd->end (param.data);
      else if (param.data)
	free (param.data);

      if (pagfp)
	pclose (pagfp);
    }

  param_free_argv (&param, param.argc);
 
