Fedora 25
Shell weakness #30

4

Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:

inventor/apps/tools/ivview/ivview.c++

Context:

The highlighted line of code below is the trigger point of this particular Fedora 25 shell weakness.

 {
    if (action->isOfType(SoGLRenderAction::getClassTypeId())) {
	numFramesRendered++;
    }
}

///////////////////////////////////////////////////////////////////
//
// Brings up the "About..." dialog
//
static void
showAboutDialog()
{
   if (access(IVHELPDIR"/ivview/ivview.about", R_OK) != 0) {
        system("xmessage 'Sorry, could not find "
               IVHELPDIR"/ivview/ivview.about' > /dev/null");
        return;
    }

    char command[100];
    sprintf(command, "which " PDFVIEWER " > /dev/null");

    int err = system(command);
    if (err) {
        system("xmessage 'You must install " PDFVIEWER
               " for this function to work' > /dev/null");
        return;
    }

    sprintf(command, PDFVIEWER " "IVHELPDIR"/ivview/ivview.about &");
    system(command);
}

///////////////////////////////////////////////////////////////////
//
// Use a motif file selection dialog to get the new filename.  
// Set up a callback to open the file and create the new scenegraph.
//
static void
getNewScene()
{
    static Widget fileDialog = NULL;


    if (fileDialog == NULL) {
        Arg args[5];
        int n = 0;

        // Unmanage when ok/cancel are pressed
        XtSetArg(args[n], XmNautoUnmanage, TRUE); n++; 
