centos 7
shell weakness #1


Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:

PackageKit-1.1.10/backends/nix/nix-helpers.cc

Context:

The highlighted line of code below is the trigger point of this particular Centos 7 shell weakness.

  * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */

#include "nix-helpers.hh"

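// find drv based on attrpath and system
//
// package_id is a PackageKit package id of the form "name;version;arch;data".
// The arch field is matched against drv.system and the data field against
// drv.attrPath; name and version are not consulted.  When nothing matches,
// or when package_id is not a valid id, a freshly constructed DrvInfo is
// returned, so callers cannot distinguish "not found" from a real hit by the
// return value alone.
DrvInfo
nix_find_drv (EvalState & state, DrvInfos drvs, gchar* package_id)
{
	// pk_package_id_split () returns NULL for a malformed id; indexing the
	// result without this check would dereference a null pointer on input
	// that arrives from the PackageKit client.
	gchar** package_id_parts = pk_package_id_split (package_id);
	if (package_id_parts == NULL) {
		DrvInfo missing (state);
		return missing;
	}

	// parts: [0] name, [1] version (both unused here), [2] arch, [3] data
	string system (package_id_parts[2]);
	string attrPath (package_id_parts[3]);

	// the split vector is owned by us; release it before the search
	g_strfreev (package_id_parts);

	// iterate by reference: copying each DrvInfo per iteration is wasted work
	for (const auto & drv : drvs)
		if (drv.attrPath == attrPath && drv.system == system)
			return drv;

	DrvInfo drv (state);
	return drv;
}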

// generate package id from derivation
//
// drv.name is split by DrvName into its name and version halves; together
// with drv.system (arch field) and drv.attrPath (data field) they form the
// four parts of a PackageKit package id.  The id is allocated by
// pk_package_id_build () and is owned by the caller (free with g_free ()).
gchar*
nix_drv_package_id (DrvInfo & drv)
{
	DrvName parsed (drv.name);

	const char* id_name    = parsed.name.c_str ();
	const char* id_version = parsed.version.c_str ();
	const char* id_arch    = drv.system.c_str ();
	const char* id_data    = drv.attrPath.c_str ();

	return pk_package_id_build (id_name, id_version, id_arch, id_data);
}

// get all drvs from list of ids 
