alpine 3.7
shell weakness #21

4

Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:

ksymoops/src/ksymoops-2.4.11/io.c

Context:

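The highlighted line of code below is the trigger point of this particular Alpine 3.7 shell weakness. (The highlighting is not preserved in this copy; the only call in the excerpt that starts a new program is `popen(cmd, "r")` in `popen_local`, which passes `cmd` to the shell.)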

 	*(l+*size-1) = '\0';
	p = *line;
	r = l;
	while (*p) {
	    if (*p == '\t')
		r += TABWIDTH - (p - *line) % TABWIDTH;
	    else
		*r++ = *p;
	    ++p;
	}
	*r = '\0';
	p = *line;
	*line = l;
	free(p);
    }

    DEBUG(4, "%s line '%s'", msg, *line);
    return(*line);
}

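/*
 * Run cmd through popen() and return a stream for reading its output.
 *
 * popen() hands cmd to the shell, so every character of cmd is interpreted
 * as shell syntax.  This wrapper does no validation of its own: callers must
 * build cmd only from fixed, trusted text, or validate and quote any file
 * name or option that originates from the user or from the data being
 * processed before it is placed in the string.
 *
 * cmd  command line to execute; must not be NULL.
 * msg  caller-supplied context that is prepended to the error report.
 *
 * Returns the stream on success.  On failure the error is reported and NULL
 * is returned, so the caller has to check the result before using it.
 */
FILE *popen_local(const char *cmd, const char *msg)
{
    FILE *f;
    int saved_errno;
    /* Not referenced directly here; presumably read by ERROR -- confirm. */
    static char const procname[] = "popen_local";

    f = popen(cmd, "r");
    if (!f) {
	/*
	 * Keep the errno that popen() set.  ERROR is defined outside this
	 * block and may perform I/O that overwrites errno, which would make
	 * perror() print the wrong reason.
	 */
	saved_errno = errno;
	ERROR("%s popen '%s' failed", msg, cmd);
	errno = saved_errno;
	perror(prefix);
    }
    return f;
}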

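/*
 * Close a stream that was opened with popen() and report any failure.
 *
 * Any non-zero result from pclose() is reported.  pclose() returns -1 with
 * errno set when the close itself fails and the command's wait status
 * otherwise, so a command that ended with a non-zero status is reported too;
 * in that case errno stays 0 and no perror() text is printed.
 *
 * f    stream returned by popen(); a NULL stream is ignored.
 * msg  caller-supplied context that is prepended to the error report.
 */
void pclose_local(FILE *f, const char *msg)
{
    int i;
    int saved_errno;
    /* Not referenced directly here; presumably read by ERROR -- confirm. */
    static char const procname[] = "pclose_local";

    /* popen_local() returns NULL on failure; pclose(NULL) is not valid. */
    if (!f)
	return;

    errno = 0;
    i = pclose(f);
    /*
     * Sample errno before ERROR runs: ERROR is defined outside this block
     * and may change errno, which would produce a spurious or wrong perror()
     * line.
     */
    saved_errno = errno;
    if (i) {
	/* %x takes an unsigned int, so convert the status explicitly. */
	ERROR("%s pclose failed 0x%x", msg, (unsigned int) i);
	if (saved_errno) {
	    errno = saved_errno;
	    perror(prefix);
	}
    }
}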
