dumbass@Lucifer:~$ ./report.sh 'echo' 1 2 3 4 5 6 7 8 9 10
param 1  : echo
param 2  : 1
param 3  : 2
param 4  : 3
param 5  : 4
param 6  : 5
param 7  : 6
param 8  : 7
param 9  : 8
param 10  : echo0
param 11  : echo1
param 12  : echo2
param 13  : echo3
param 14  : echo4
param 15  : echo5
param 16  : echo6
param 17  : echo7
param 18  : echo8
param 19  : echo9
param 20  : 10
param 21  : 11
param 22  : 12
param 23  : 13
param 24  : 14
param 25  : 15
param 26  : 16
param 27  : 17
param 28  : 18
param 29  : 19
param 30  : 20
param 31  : 21
param 32  : 22
param 33  : 23
param 34  : 24
param 35  : 25
param 36  : 26
param 37  : 27
param 38  : 28
param 39  : 29
param 40  : 30


On Tue, Dec 8, 2015 at 4:15 PM, Kelvin Tan Thiam Teck <kelvin...@gmail.com>
wrote:

> Eh, thanks. I listed them to show that my params from the 10th to the 18th
> are affected, instead of the 18th param only.
>
> On Tue, Dec 8, 2015 at 4:13 PM, Pierre Gaston <pierre.gas...@gmail.com>
> wrote:
>
>>
>>
>> On Tue, Dec 8, 2015 at 9:58 AM, Kelvin Tan Thiam Teck <
>> kelvin...@gmail.com> wrote:
>>
>>> dumbass@Lucifer:~$ ./report.sh "echo ln -s /sbin/halt; mv halt ;reboot8
>>> ;* reboot*" AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA
>>> AAA AAA AAA AAA AAA
>>> Before Passing Thru Function: echo ln -s /sbin/halt; mv halt ;reboot8 ;
>>> reboot AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA
>>> AAA AAA AAA
>>> reboot: Need to be root
>>> 9th:
>>> 10th: echo0
>>> 11th: echo1
>>> 12th: echo2
>>> 13th: echo3
>>> 14th: echo4
>>> 15th: echo5
>>> 16th: echo6
>>> 17th: echo7
>>> ./report.sh: line 29: echo8: command not found
>>> 19th: echo9
>>> 20th: ln0
>>> dumbass@Lucifer:~$
>>>
>>
>> I think you misunderstand me; I'm not denying that you inject some code.
>> What I'm saying is that the bug is in your code.
>> Here is a simpler way to reproduce:
>>
>> $ cat inject
>> #!/bin/bash
>> function foo {
>>   "$2"
>> }
>>
>> foo $*
>> $ ./inject "blah date"
>> Tue Dec  8 10:08:45 EET 2015
>>
>> You can see that "date" is executed, but it's a bug in the script: $* is
>> split in 2 as it is supposed to be, and foo receives 2 arguments.
>>
>> You can fix the bug using "$@":
>> $ vi inject
>> $ cat inject
>> #!/bin/bash
>> function foo {
>>   "$2"
>> }
>>
>> foo "$@"
>> $ ./inject "blah date"
>> ./inject: line 3: : command not found
>>
>>
>> Now the arguments are not split again and foo receives only one argument,
>> hence the error.
>>
>> As I said, there are many pitfalls in shell script; that's why allowing
>> running a script with more privilege than the user has is dangerous.
>>
>>
>>
>
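
Added example, not part of the original messages: a side-by-side check of the two script pitfalls visible in this thread, unquoted `$*` versus `"$@"` when forwarding arguments, and `$10` versus `${10}` (which matches the `param 10  : echo0` output above). All function names are hypothetical, and the second argument is printed rather than executed.

```shell
#!/bin/sh
# Added example: how a wrapper's quoting decides what the callee receives.
# Function names are hypothetical; inputs below are constructed.

# count_args reports how many arguments actually arrived.
count_args() { echo "$#"; }

# Unquoted $*: every argument is re-split on IFS (and glob-expanded),
# so one argument containing spaces arrives as several words.
forward_unquoted() { count_args $*; }

# "$@": each original argument is passed through as exactly one word.
forward_quoted() { count_args "$@"; }

# second_arg mirrors foo() from the thread, but prints "$2" instead of
# running it, so the effect can be inspected safely.
second_arg() { printf '%s\n' "${2-}"; }
second_unquoted() { second_arg $*; }
second_quoted() { second_arg "$@"; }

# $10 is parsed as ${1} followed by a literal 0; ${10} is the tenth
# positional parameter.
tenth_wrong() { echo "$10"; }
tenth_right() { echo "${10}"; }

# Demo using the thread's input "blah date" and the 'echo' 1..10 call.
printf 'args seen  unquoted: %s  quoted: %s\n' \
  "$(forward_unquoted "blah date")" "$(forward_quoted "blah date")"
printf 'second arg unquoted: [%s]  quoted: [%s]\n' \
  "$(second_unquoted "blah date")" "$(second_quoted "blah date")"
printf 'tenth      $10 form: [%s]  ${10} form: [%s]\n' \
  "$(tenth_wrong echo 1 2 3 4 5 6 7 8 9 10)" \
  "$(tenth_right echo 1 2 3 4 5 6 7 8 9 10)"
```
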
