d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
c8a3d81f34
freebsd-dev/tools/regression/bin/sh
History
Jilles Tjoelker c8a3d81f34 sh: Fix heap-based buffer overflow in pathname generation. 
The buffer for generated pathnames could be too small in some cases. It
happened to be always at least PATH_MAX long, so there was never an overflow
if the resulting pathnames would be usable.

This bug may be abused if a script subjects input from an untrusted source
to pathname generation, which a bad idea anyhow. Most shell scripts do not
work on untrusted data. secteam@ says no advisory is necessary.

PR:		bin/148733
Reported by:	Changming Sun snnn119 at gmail com
MFC after:	10 days
2010-08-10 22:45:59 +00:00
..
builtins sh: Return 0 from eval if no command was given. 2010-08-03 22:17:29 +00:00
errors sh: Fix bug in assignment error test. 2010-05-09 16:04:32 +00:00
execution Fix some cases where file descriptors from redirections leak to programs. 2009-11-29 22:33:59 +00:00
expansion sh: Fix heap-based buffer overflow in pathname generation. 2010-08-10 22:45:59 +00:00
parameters sh: On startup of the shell, use PWD from the environment if it is valid. 2010-04-17 14:35:46 +00:00
parser sh: Fix crash due to uninitialized here-document. 2010-07-25 22:25:52 +00:00
set-e Add tests for r193169. 2009-05-31 17:23:27 +00:00
Makefile
regress.sh Add test cases for the command built-in, including its -v and -V options which 2005-10-28 14:02:42 +00:00
regress.t