Thank you for the awesome shell. I noticed the following after upgrading
from 5.1.16-3 to 5.2.2-2 on Fedora. It actually resulted in a minor amount
of data loss.
#!/usr/bin/env -S bash --
mapfile -t < <(
cat <<- EOF
;FFMETADATA1
EOF
while read -r ; do
Hello everyone!
I've attached a minimal script which shows the issue, and my recommended
solution.
Affected for sure:
System1: 64 bit Ubuntu 22.04.4 LTS - Bash: 5.1.16(1)-release - Hardware:
HP Pavilion 14-ec0013nq (Ryzen 5 5500u, 32GB RAM, Radeon grapics, nvme
SSD.)
System2: 64 bit Ubuntu 2
convincing
enough. I see it as a serious threat so I spent the afternoon to proove
it by writing a one liner exloit example... :)
No ill intent, just trying to help since even the best sys admin are
people, and thus prone to error. A malicious script does not care, does
not tire, does not make
On 2024-04-08 05:58, Robert Elz wrote:
Date:Mon, 8 Apr 2024 02:50:29 +0100
From:Kerin Millar
Message-ID:
<20240408025029.e7585f2f52fe510d2a686...@plushkava.net>
| which is to read scripts in their entirety before trying to execute
| the resulting program. To go ab
On 2024-04-08 14:02, Greg Wooledge wrote:
On Mon, Apr 08, 2024 at 12:40:55PM +0700, Robert Elz wrote:
or perhaps better just:
main() { ... } ; main "$@"
You'd want to add an "exit" as well, to protect against new lines of
code being appended to the script.
Yes that is correct. it's far ea
Configuration Information [Automatically generated, do not change]:
Machine: x86_64
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS: -DPROGRAM='bash' -DCONF_HOSTTYPE='x86_64'
-DCONF_OSTYPE='linux-gnu' -DCONF_MACHTYPE='x86_64-p$
uname output: Linux colm.tk 3.5.0-21-generic #32-Ubuntu SMP Tue Dec 11
Hi, I am the fml mailing list manager for <[EMAIL PROTECTED]>.
Hmm, you may be not a member.
1. Your mail may come from a bad address which is not
registered in this mailing list
2. Your mail has a syntax error.
If you would like to subscribe this mailing list
subscribe YOUR NAME
