fedora 23
shell weakness #23

4

Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

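The flagged call causes a new program to execute and is difficult to use safely. A warning of this kind marks the call site only; whether it is exploitable depends on whether attacker-influenced data can reach the command or its arguments.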

File Name:

oiio-Release-1.5.24/src/socket.imageio/socketoutput.cpp

Context:

The highlighted line of code below is the trigger point of this particular Fedora 23 shell weakness.

     socket.close();
    return true;
}



// Stub implementation: reports success unconditionally. Nothing is read
// from `in` and nothing is written to the socket here.
// NOTE(review): a caller that trusts the return value will believe the
// image was transferred -- confirm this is intended.
bool
SocketOutput::copy_image (ImageInput *in)
{
    static_cast<void> (in);   // parameter is intentionally unused
    return true;
}



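// Send the image spec to the connected server as a length-prefixed XML blob.
//
// Wire format (unchanged): sizeof(boost::uint32_t) bytes holding the XML
// length, followed by the XML text produced by spec.to_xml().
//
// Returns true when both writes complete. Returns false, after reporting
// through error(), when the XML does not fit the 32-bit prefix or when a
// write throws.
bool
SocketOutput::send_spec_to_server(const ImageSpec& spec)
{
    const std::string spec_xml = spec.to_xml();

    // The prefix occupies exactly sizeof(boost::uint32_t) bytes on the wire,
    // so hold it in that type instead of an int whose size merely happens to
    // match on common platforms.
    const boost::uint32_t xml_length =
        static_cast<boost::uint32_t> (spec_xml.length ());

    // Refuse to send a prefix that disagrees with the payload size: a
    // truncated length would desynchronize the receiver's framing.
    if (xml_length != spec_xml.length ()) {
        error ("Error while send_spec_to_server: spec XML too large");
        return false;
    }

    try {
        // NOTE(review): the prefix is sent in host byte order, as before;
        // confirm the reading side expects the same endianness.
        boost::asio::write (socket, buffer (reinterpret_cast<const char *> (&xml_length),
                sizeof (xml_length)));
        boost::asio::write (socket, buffer (spec_xml.c_str (), spec_xml.length ()));
    } catch (const boost::system::system_error &err) {
        error ("Error while send_spec_to_server: %s", err.what ());
        return false;
    } catch (...) {
        error ("Error while send_spec_to_server: unknown exception");
        return false;
    }

    return true;
}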



bool
SocketOutput::connect_to_server (const std::string &name)
{
    std::map<std::string, std::string> rest_args;
    std::string baseurl;
    rest_args["port"] = socket_pvt::default_port;
    rest_args["host"] = socket_pvt::default_host;
    
    if (! Strutil::get_rest_arguments (name, baseurl, rest_args)) {
        error ("Invalid 'open ()' argument: %s", name.c_str ());
        return false;
    }
 
