alpine 3.6
shell weakness #22


Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This call causes a new program to execute in place of the current process and is difficult to use safely.

File Name:

julia/src/JuliaLang-libuv-8d5131b/src/unix/process.c

Context:

The highlighted line of code below — the execvp()/execvpe() call that replaces the forked child's process image with the program named by options->file — is the trigger point of this particular Alpine 3.6 shell weakness.

 
  if ((options->flags & UV_PROCESS_SETUID) && setuid(options->uid)) {
    err = -errno;
    goto error;
  }

  if ((options->flags & UV_PROCESS_RESET_SIGPIPE) && signal(SIGPIPE,SIG_DFL) == SIG_ERR)
  {
    err = -errno;
    goto error;
  }


#ifdef __linux__
  if (options->env != NULL) {
    execvpe(options->file, options->args, options->env);
  } else {
    execvp(options->file, options->args);
  }
#else
  if (options->env != NULL) {
    environ = options->env;
  }

  execvp(options->file, options->args);
#endif

  err = -errno;

error:
#ifdef __linux__
  *error_out = err;
#else
  uv__write_int(error_fd, err);
#endif
  _exit(127);
}
#endif


int uv_spawn(uv_loop_t* loop,
             uv_process_t* process,
             const uv_process_options_t* options) {
#if defined(__APPLE__) && (TARGET_OS_TV || TARGET_OS_WATCH)
  /* fork is marked __WATCHOS_PROHIBITED __TVOS_PROHIBITED. */
  uv__handle_init(loop, (uv_handle_t*)process, UV_PROCESS);
  QUEUE_INIT(&process->queue);
  process->pid = 0;
  return -ENOSYS;
#else 
