d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/bin/sh
History
Jilles Tjoelker c8a3d81f34 sh: Fix heap-based buffer overflow in pathname generation. 
The buffer for generated pathnames could be too small in some cases. It
happened to be always at least PATH_MAX long, so there was never an overflow
if the resulting pathnames would be usable.

This bug may be abused if a script subjects input from an untrusted source
to pathname generation, which a bad idea anyhow. Most shell scripts do not
work on untrusted data. secteam@ says no advisory is necessary.

PR:		bin/148733
Reported by:	Changming Sun snnn119 at gmail com
MFC after:	10 days
2010-08-10 22:45:59 +00:00
..
bltin
funcs
alias.c
sh: Constify various strings.
2009-12-24 18:41:14 +00:00
alias.h
sh: Constify various strings.
2009-12-24 18:41:14 +00:00
arith_lex.l
sh: Use stalloc for arith variable names.
2010-04-25 20:43:19 +00:00
arith.h
sh: Constify various strings.
2009-12-24 18:41:14 +00:00
arith.y
sh: Use stalloc for arith variable names.
2010-04-25 20:43:19 +00:00
builtins.def
cd.c
sh: On startup of the shell, use PWD from the environment if it is valid.
2010-04-17 14:35:46 +00:00
cd.h
sh: On startup of the shell, use PWD from the environment if it is valid.
2010-04-17 14:35:46 +00:00
error.c
sh: Fix some bugs with backquoted builtins:
2010-01-01 18:17:46 +00:00
error.h
sh: Add some __dead2 to indicate functions that do not return.
2009-12-24 20:55:14 +00:00
eval.c
sh: Return 0 from eval if no command was given.
2010-08-03 22:17:29 +00:00
eval.h
sh: Various warning fixes (from WARNS=6 NO_WERROR=1):
2009-12-27 18:04:05 +00:00
exec.c
sh: Improve the command builtin:
2010-03-06 16:57:53 +00:00
exec.h
sh: Improve the command builtin:
2010-03-06 16:57:53 +00:00
expand.c
sh: Fix heap-based buffer overflow in pathname generation.
2010-08-10 22:45:59 +00:00
expand.h
sh: Constify various strings.
2009-12-24 18:41:14 +00:00
histedit.c
sh: Do not enter consecutive duplicates into the history.
2010-08-01 16:37:51 +00:00
init.h
input.c
sh: Various warning fixes (from WARNS=6 NO_WERROR=1):
2009-12-27 18:04:05 +00:00
input.h
sh: Constify various strings.
2009-12-24 18:41:14 +00:00
jobs.c
sh: Forget about terminated background processes sooner.
2010-06-29 22:37:45 +00:00
jobs.h
sh: Forget about terminated background processes sooner.
2010-06-29 22:37:45 +00:00
mail.c
sh: Constify various strings.
2009-12-24 18:41:14 +00:00
mail.h
main.c
sh: Recognize "--" in . and exec.
2010-05-28 22:40:24 +00:00
main.h
sh: Do not run callers' exception handlers in subshells.
2009-12-25 20:21:35 +00:00
Makefile
memalloc.c
sh: Constify various strings.
2009-12-24 18:41:14 +00:00
memalloc.h
sh: Constify various strings.
2009-12-24 18:41:14 +00:00
miscbltin.c
sh: Various warning fixes (from WARNS=6 NO_WERROR=1):
2009-12-27 18:04:05 +00:00
mkbuiltins
sh: Various warning fixes (from WARNS=6 NO_WERROR=1):
2009-12-27 18:04:05 +00:00
mkinit.c
sh: Various warning fixes (from WARNS=6 NO_WERROR=1):
2009-12-27 18:04:05 +00:00
mknodes.c
sh: Fix crash with empty functions (f() { }) introduced in r196483
2009-08-28 22:41:25 +00:00
mksyntax.c
Remove unnecessary duplicate letters in mksyntax.c,
2010-08-08 21:04:27 +00:00
mktokens
myhistedit.h
sh: Pass TERM changes to libedit.
2010-06-02 19:16:58 +00:00
mystring.c
sh: Various warning fixes (from WARNS=6 NO_WERROR=1):
2009-12-27 18:04:05 +00:00
mystring.h
nodes.c.pat
sh: Fix crash with empty functions (f() { }) introduced in r196483
2009-08-28 22:41:25 +00:00
nodetypes
options.c
sh: Automatically enable -o emacs in interactive shells with terminals.
2010-04-05 14:15:51 +00:00
options.h
sh: Various warning fixes (from WARNS=6 NO_WERROR=1):
2009-12-27 18:04:05 +00:00
output.c
sh: Constify various strings.
2009-12-24 18:41:14 +00:00
output.h
sh: Fix some bugs with backquoted builtins:
2010-01-01 18:17:46 +00:00
parser.c
sh: Fix crash due to uninitialized here-document.
2010-07-25 22:25:52 +00:00
parser.h
sh: Various warning fixes (from WARNS=6 NO_WERROR=1):
2009-12-27 18:04:05 +00:00
redir.c
Fix some cases where file descriptors from redirections leak to programs.
2009-11-29 22:33:59 +00:00
redir.h
sh.1
sh: Forget about terminated background processes sooner.
2010-06-29 22:37:45 +00:00
shell.h
show.c
sh: Constify various strings.
2009-12-24 18:41:14 +00:00
show.h
sh: Constify various strings.
2009-12-24 18:41:14 +00:00
TOUR
trap.c
trap: do not consider a bad signal name a fatal error.
2009-11-21 20:44:34 +00:00
trap.h
sh: Add some __dead2 to indicate functions that do not return.
2009-12-24 20:55:14 +00:00
var.c
sh: Pass TERM changes to libedit.
2010-06-02 19:16:58 +00:00
var.h
sh: Pass TERM changes to libedit.
2010-06-02 19:16:58 +00:00