alpine 3.7
shell weakness #19

4

Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

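The flagged call causes a new program to execute and is difficult to use safely. The risk is real only when some part of the command or its arguments can be influenced by untrusted input; a call with fixed arguments is a much weaker finding.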

File Name:

libdvbpsi/src/libdvbpsi-1.3.1/misc/test_dr.c

Context:

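The highlighted line of code below is the trigger point of this particular Alpine 3.7 shell weakness. The highlighting is not preserved in this text listing, so the exact trigger line cannot be identified from the excerpt alone. The visible statements are BOZO_* test macro invocations and a `return`; none is a direct call that spawns a process, and the only standalone `system` token is the macro argument in `BOZO_END(system clock);`. This finding may therefore be a pattern-match false positive; check the BOZO_* macro definitions before treating it as command execution.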

     BOZO_CLEAN();
  BOZO_end_boolean(b_external_clock_ref)

  /* check i_clock_accuracy_integer */
  BOZO_init_boolean(b_external_clock_ref, 0);
  BOZO_init_integer(i_clock_accuracy_integer, 0);
  BOZO_init_integer(i_clock_accuracy_exponent, 0);
  BOZO_begin_integer(i_clock_accuracy_integer, 6)
    BOZO_DOJOB(SystemClock);
    BOZO_check_integer(i_clock_accuracy_integer, 6)
    BOZO_CLEAN();
  BOZO_end_integer(i_clock_accuracy_integer, 6)

  /* check i_clock_accuracy_exponent */
  BOZO_init_boolean(b_external_clock_ref, 0);
  BOZO_init_integer(i_clock_accuracy_integer, 0);
  BOZO_init_integer(i_clock_accuracy_exponent, 0);
  BOZO_begin_integer(i_clock_accuracy_exponent, 3)
    BOZO_DOJOB(SystemClock);
    BOZO_check_integer(i_clock_accuracy_exponent, 3)
    BOZO_CLEAN();
  BOZO_end_integer(i_clock_accuracy_exponent, 3)


  BOZO_END(system clock);

  return i_err;
}

/* multiplex buffer utilization */
static int main_mx_buff_utilization_(void)
{
  BOZO_VARS(mx_buff_utilization);
  BOZO_START(multiplex buffer utilization);

  
  /* check b_mdv_valid */
  BOZO_init_boolean(b_mdv_valid, 0);
  BOZO_init_integer(i_mx_delay_variation, 0);
  BOZO_init_integer(i_mx_strategy, 0);
  BOZO_begin_boolean(b_mdv_valid)
    BOZO_DOJOB(MxBuffUtilization);
    BOZO_check_boolean(b_mdv_valid)
    BOZO_CLEAN();
  BOZO_end_boolean(b_mdv_valid)

  /* check i_mx_delay_variation */
  BOZO_init_boolean(b_mdv_valid, 0);
  BOZO_init_integer(i_mx_delay_variation, 0);
  BOZO_init_integer(i_mx_strategy, 0); 
