On 2009-08-21 16:36, Ben Finney <ben+deb...@benfinney.id.au> wrote: > On 18-Aug-2009, Philipp Weis wrote: > > For a demonstration of the problem, create a valid ogg file and name > > it > > > > " | date #".ogg > > Are the quote characters meant to be part of the filename? I assume > not, but I'm currently unable to reproduce this behaviour.
Yes, the quotes are part of the filename and crucial to the exploit. So just use the following as your first step: $ cp postgresql.ogg '" | date #".ogg' No need to waste a disk for this, the date gets printed while preparing the image. Philipp > > Then run burn -A -a *.ogg, and burn will happily print the current > > date. > > Here is the series of steps I'm following: > > * Start with a known Ogg Vorbis file (in my case, ‘postgresql.ogg’). > > * Copy the file to a problematic filename:: > > $ cp postgresql.ogg " | date #".ogg > $ ls -1 *.ogg > | date #.ogg > postgresql.ogg > > * Run ‘burn’ (with no disc in the drive):: > > $ burn -A -a *.ogg > You are not superuser (root). Do you still want to continue (yes/no) > [yes]? > Burn v.0.4.4 Written by Gaetano Paolone. > Burn until recorded, now! > This software comes with absolutely no warranty! Use at your own risk! > Burn is free software. > See software updates at <URL:http://www.bigpaul.org/burn/>. > > Audio-CD... > > Audio file processing. Please wait... > > Error. Please insert a blank CD/DVD. > […] > > At what point in the procedure do you see the date get printed? > > Does the program continue with the rest of the normal procedure, > recording an audio disc? > > Is it necessary to actually consume a blank disc to see this reported > behaviour? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
