Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/bin/ed Prevent shell execution also in the 'r ! dobad' case, ...
details: https://anonhg.NetBSD.org/src/rev/601da4fab298
branches: trunk
changeset: 319988:601da4fab298
user: christos <christos%NetBSD.org@localhost>
date: Mon Jun 18 14:56:24 2018 +0000
description:
Prevent shell execution also in the 'r ! dobad' case, pointed out by
Martijn van Duren, thanks!
XXX: pullup-8
diffstat:
bin/ed/main.c | 13 +++++--------
1 files changed, 5 insertions(+), 8 deletions(-)
diffs (44 lines):
diff -r 3a7aeebb6c69 -r 601da4fab298 bin/ed/main.c
--- a/bin/ed/main.c Mon Jun 18 13:05:20 2018 +0000
+++ b/bin/ed/main.c Mon Jun 18 14:56:24 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: main.c,v 1.29 2018/04/05 18:44:57 christos Exp $ */
+/* $NetBSD: main.c,v 1.30 2018/06/18 14:56:24 christos Exp $ */
/* main.c: This file contains the main control and user-interface routines
for the ed line editor. */
@@ -39,7 +39,7 @@
#if 0
static char *rcsid = "@(#)main.c,v 1.1 1994/02/01 00:34:42 alm Exp";
#else
-__RCSID("$NetBSD: main.c,v 1.29 2018/04/05 18:44:57 christos Exp $");
+__RCSID("$NetBSD: main.c,v 1.30 2018/06/18 14:56:24 christos Exp $");
#endif
#endif /* not lint */
@@ -865,14 +865,11 @@
printf("%ld\n", addr_cnt ? second_addr : addr_last);
break;
case '!':
- if (secure) {
- seterrmsg("'!' not allowed");
- return ERR;
- }
if (addr_cnt > 0) {
seterrmsg("unexpected address");
return ERR;
- } else if ((sflags = get_shell_command()) < 0)
+ }
+ if ((sflags = get_shell_command()) < 0)
return ERR;
GET_COMMAND_SUFFIX();
if (sflags) printf("%s\n", shcmd + 1);
@@ -994,7 +991,7 @@
int i = 0;
int j = 0;
- if (red) {
+ if (red || secure) {
seterrmsg("shell access restricted");
return ERR;
} else if ((s = ibufp = get_extended_line(&j, 1)) == NULL)
Home |
Main Index |
Thread Index |
Old Index