
Fedora 25
Shell weakness #13


Weakness Breakdown


A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:



The highlighted line of code below is the trigger point of this particular Fedora 25 shell weakness.

    // Headers this excerpt relies on. The original source file defines
    // BUFSIZE and the surrounding helper's signature above the lines shown.
    #include <stdio.h>
    #include <unistd.h>
    #include <Inventor/SbString.h>
    #include <Inventor/SoInput.h>
    #include <Inventor/nodes/SoSeparator.h>

    char routeprintCmd[BUFSIZE];
    char conversionCmd[BUFSIZE];
    FILE *pipeFile;
    FILE *ivDataPipe = NULL;
    // Use routeprint to figure out how to convert to Inventor format.
    // filename is interpolated directly into a shell command line here.
    sprintf(routeprintCmd, "/usr/sbin/routeprint -d %s %s 2> /dev/null",
	    destinationFileType, filename);

    // routeprint will return a conversion command which we can
    // then execute to convert the file.
    // popen() hands the whole string to /bin/sh, so any shell
    // metacharacters in filename are interpreted by the shell.
    if (NULL != (pipeFile = popen(routeprintCmd, "r"))) {
	// read the command, which may be garbage: check return code
	(void) fgets(conversionCmd, BUFSIZE, pipeFile);
	// use pclose to check the return code of routeprint:
	// you have to check for non-zero return before executing conversionCmd
	if (0 != pclose(pipeFile)) {
	    // Failed!
	    return ivDataPipe;
	}
	// Now try to execute the actual conversion.
	// If conversion is successful, we can read from the data pipe.
	// If not, the data pipe will be NULL: which is our return code.
	// The command line read back from routeprint is again run
	// through the shell by popen().
	ivDataPipe = popen(conversionCmd, "r");
    }
    return ivDataPipe;
}

// Read all objects from the given file and return under one separator.
SoSeparator *
MyFileRead(const char *filename, SbString &errorMessage)
{
    SoInput in;
    SbBool needToClosePipe = FALSE;
    FILE *ivDataPipe;

    // First check to make sure the file exists and is readable
    if (0 != access(filename, R_OK)) {
	errorMessage = "Error opening the file\n\"";
	errorMessage += filename;
	errorMessage += "\".";
	errorMessage += "\n\nThe file is unreadable or does not exist.";
	errorMessage += "\nYou may not have read permission on this file.";
    }
    // The remainder of MyFileRead is not included in this excerpt.
}
