alpine 3.8
shell weakness #18


Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This call causes a new program to execute and is difficult to use safely.

File Name:

icinga2/src/icinga2-2.8.4/lib/base/utility.cpp

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.8 shell weakness.

 
/**
 * Resolves the Icinga 2 data directory on Windows from the machine-wide
 * application data folder (CSIDL_COMMON_APPDATA).
 *
 * @returns "<common appdata>\icinga2", or an empty String if the shell
 *          folder could not be resolved.
 */
String Utility::GetIcingaDataPath(void)
{
	char appData[MAX_PATH] = {};
	const auto hr = SHGetFolderPath(nullptr, CSIDL_COMMON_APPDATA, nullptr, 0, appData);

	if (FAILED(hr))
		return "";

	String dataPath(appData);
	dataPath += "\\icinga2";
	return dataPath;
}

#endif /* _WIN32 */

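#ifndef _WIN32
/**
 * Returns true if @a name is a syntactically valid POSIX shell variable
 * name ([A-Za-z_][A-Za-z0-9_]*). Used to keep anything other than a plain
 * variable name out of the command line built by GetFromSysconfig().
 */
static bool IsShellVariableName(const String& name)
{
	if (name.IsEmpty())
		return false;

	bool first = true;
	for (char c : name) {
		const bool alpha = (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') || c == '_';
		const bool digit = (c >= '0' && c <= '9');

		if (!alpha && (first || !digit))
			return false;

		first = false;
	}

	return true;
}
#endif /* _WIN32 */

/**
 * Reads the value of variable @a env from the sysconfig file by sourcing
 * that file in a child shell and echoing the variable.
 *
 * @param env Name of the shell variable to read. Only a plain variable name
 *            is accepted; anything else yields an empty result rather than
 *            being passed to the shell.
 * @returns The first line of the shell's output with surrounding whitespace
 *          trimmed, or an empty String if there is no sysconfig file, the
 *          file does not exist, @a env is not a valid variable name, the
 *          child could not be started, or it produced no output.
 *          Always returns an empty String on Windows.
 */
String Utility::GetFromSysconfig(const String& env)
{
#ifndef _WIN32
	String sysconf = Application::GetSysconfigFile();
	if (sysconf.IsEmpty())
		return "";

	if (!Utility::PathExists(sysconf))
		return "";

	/* env is spliced into the command line verbatim (only the file path and
	 * the whole inner command are shell-escaped), so restrict it to a bare
	 * variable name before it can reach sh. */
	if (!IsShellVariableName(env))
		return "";

	/* NOTE(review): the "$ " before env contains a space, so the shell would
	 * print it literally instead of expanding the variable — confirm against
	 * the upstream source before relying on this. */
	String cmdInner = ". " + EscapeShellArg(sysconf) + " 2>&1 >/dev/null;echo \"$ " + env + "\"";
	String cmd = "sh -c " + EscapeShellArg(cmdInner);

	FILE *fp = popen(cmd.CStr(), "r");

	if (!fp)
		return "";

	char line[1024];
	String out;

	/* Only the first line of output is used; an empty read leaves out empty. */
	if (fgets(line, sizeof(line), fp))
		out = line;

	/* pclose() on every path after popen() succeeded: returning early on an
	 * empty read previously leaked the pipe and left the child unreaped. */
	pclose(fp);

	return out.Trim();
#else
	//TODO: Figure out how to do this on windows
	return "";
#endif /* _WIN32 */
}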
