alpine 3.7
shell weakness #17

4

Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

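The flagged call causes a new program to execute and is difficult to use safely. When the command is handed to a shell as a single string, every character of that string is interpreted by the shell, so it must not contain data an untrusted party can influence.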

File Name:

libmikmod/src/libmikmod-3.3.11.1/drivers/drv_pipe.c

Context:

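The highlighted line of code below is the trigger point of this particular Alpine 3.7 shell weakness. (The highlight is not preserved in this plain-text listing. The calls in the excerpt that start a new program are `_popen(target, "wb")` / `popen(target, "wb")` on non-Unix builds and the `fork()` branch on Unix builds; the excerpt ends before the child branch finishes.)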

 	if(ptr) {
		MikMod_free(target);
		target=ptr;
	}
}

/*
 * Availability check for this driver.
 *
 * Always returns 1. Nothing is inspected here: `target` is not looked at,
 * so a missing or unusable command is only detected later, when
 * pipe_Init() tests `target` and tries to open the pipe.
 */
static BOOL pipe_IsThere(void)
{
	const BOOL present = 1;

	return present;
}

static int pipe_Init(void)
{
	if(!target) {
		_mm_errno=MMERR_OPENING_FILE;
		return 1;
	}
#if !(MIKMOD_UNIX)
#ifdef __EMX__
	_fsetmode(stdout, "b");
#endif
#ifdef __WATCOMC__
	pipefile = _popen(target, "wb");
#else
	pipefile = popen(target, "wb");
#endif
	if (!pipefile) {
		_mm_errno=MMERR_OPENING_FILE;
		return 1;
	}
#else
	/* poor man's popen() */
	if (pipe(pipefd)) {
		_mm_errno = MMERR_OPENING_FILE;
		return 1;
	}
	switch (pid=fork()) {
		case -1:
			close(pipefd[0]);
			close(pipefd[1]);
			pipefd[0]=pipefd[1]=-1;
			_mm_errno=MMERR_OPENING_FILE;
			return 1;
		case 0:
			if (pipefd[0]) {
				dup2(pipefd[0],0);
				close(pipefd[0]);
			}
			close(pipefd[1]);
			if (!MD_DropPrivileges()) 
