
Fedora 23
shell weakness #2


Weakness Breakdown


A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:



The highlighted line of code below is the trigger point of this particular Fedora 23 shell weakness.

#include <cstdlib>
#include <string>

#ifdef DEBUG
bool isValidXML(const char *filename)
{
	//Debug check to ensure we have written a valid xml file
	std::string command;
	unsigned int result;
//Windows doesn't really have a /dev/null device, rather it has a reserved file name "NUL" or "nul"
#if defined(WIN32) || defined(WIN64)
	command = std::string("xmllint --version > NUL 2> NUL");
#else
	command = std::string("xmllint --version >/dev/null 2>/dev/null");
#endif
	//Probe for xmllint via the shell (call assumed to be system(), which the warning text above describes)
	result = system(command.c_str());
	if(!result)
	{
		//Windows' shell handles escapes differently, workaround
		#if defined(WIN32) || defined(WIN64)
			command = std::string("xmllint --noout \"") + filename + std::string("\"");
		#else
			command = std::string("xmllint --noout \'") + filename + std::string("\'");
		#endif
		//filename is pasted into the shell command line; the quoting does not neutralise quote characters inside it
		result = system(command.c_str());
		return result ==0;
	}

	//Debug check ineffective
	WARN(!result,"xmllint not installed in system PATH, cannot perform debug check")
	return true;
}
#endif
