Skip Menu |
Queue is disabled
This queue is disabled and you may not create new tickets in it. Disabled queues are usually because the distribution was merged with another or changed names. Sometimes they are the end result of a bad autocreate from PAUSE data before anyone noticed.
Report information
Id: 124275
Status: open
Priority: 0/
Queue: perl5

Owner: Nobody
Requestors: zefram [at] fysh.org
Cc:
AdminCc:

Operating System: Linux
PatchStatus: (no value)
Severity: low
Type: utilities
Perl Version: 5.20.2
Fixed In: (no value)



To: perlbug [...] perl.org
CC: zefram [...] fysh.org
From: zefram [...] fysh.org
Subject: shell injection in c2ph
Date: Thu, 09 Apr 2015 16:39:32 +0100
Download (untitled) / with headers
text/plain 4.2k
This is a bug report for perl from zefram@fysh.org, generated with the help of perlbug 1.40 running under perl 5.20.2. ----------------------------------------------------------------- [Please describe your issue here] $ /opt/perl/bin/c2ph -n ';echo wibble.c' cc: fatal error: no input files compilation terminated. wibble.c Can't open ;echo wibble.s: No such file or directory at /opt/perl/bin/c2ph line 475. The program is doing things with the supplied filenames that assume they contain only ordinary characters. Obviously the author, whoever he might be, is not familiar with Unix. [Please do not change anything below this line] ----------------------------------------------------------------- --- Flags: category=utilities severity=low --- Site configuration information for perl 5.20.2: Configured by root at Fri Mar 20 11:06:52 UTC 2015. Summary of my perl5 (revision 5 version 20 subversion 2) configuration: Platform: osname=linux, osvers=3.2.0-4-amd64, archname=x86_64-linux-ld uname='linux ukmcwzefram.photobox.priv 3.2.0-4-amd64 #1 smp debian 3.2.60-1+deb7u3 x86_64 gnulinux ' config_args='-des -Duseshrplib -Duse64bitint -Duselongdouble -Uusethreads -Uusemultiplicity -Dprefix=/opt/perl-5.20.2 -Dsiteprefix=/opt/perl-5.20.2 -Dvendorprefix=/opt/perl-5.20.2/vendor -Doptimize=-ggdb -O3 -fbranch-target-load-optimize -fgcse-las -fgcse-sm -fipa-pta -floop-block -floop-interchange -floop-strip-mine -fmodulo-sched -fomit-frame-pointer -freorder-blocks-and-partition -fsched-spec-load -fsched-spec-load-dangerous -ftree-loop-distribution -Dcccdlflags=-fPIC -O3 -pipe' hint=recommended, useposix=true, d_sigaction=define useithreads=undef, usemultiplicity=undef use64bitint=define, use64bitall=define, uselongdouble=define usemymalloc=n, bincompat5005=undef Compiler: cc='cc', ccflags ='-fwrapv -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64', optimize='-ggdb -O3 -fbranch-target-load-optimize -fgcse-las -fgcse-sm -fipa-pta -floop-block -floop-interchange -floop-strip-mine -fmodulo-sched -fomit-frame-pointer -freorder-blocks-and-partition -fsched-spec-load -fsched-spec-load-dangerous -ftree-loop-distribution', cppflags='-fwrapv -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include' ccversion='', gccversion='4.7.2', gccosandvers='' intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678 d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16 ivtype='long', ivsize=8, nvtype='long double', nvsize=16, Off_t='off_t', lseeksize=8 alignbytes=16, prototype=define Linker and Libraries: ld='cc', ldflags =' -fstack-protector -L/usr/local/lib' libpth=/usr/local/lib /usr/lib/gcc/x86_64-linux-gnu/4.7/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /lib/x86_64-linux-gnu /lib/../lib /usr/lib/x86_64-linux-gnu /usr/lib/../lib /lib libs=-lnsl -ldb -ldl -lm -lcrypt -lutil -lc perllibs=-lnsl -ldl -lm -lcrypt -lutil -lc libc=libc-2.17.so, so=so, useshrplib=true, libperl=libperl.so gnulibc_version='2.17' Dynamic Linking: dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E -Wl,-rpath,/opt/perl-5.20.2/lib/5.20.2/x86_64-linux-ld/CORE' cccdlflags='-fPIC -O3 -pipe', lddlflags='-shared -ggdb -O3 -fbranch-target-load-optimize -fgcse-las -fgcse-sm -fipa-pta -floop-block -floop-interchange -floop-strip-mine -fmodulo-sched -fomit-frame-pointer -freorder-blocks-and-partition -fsched-spec-load -fsched-spec-load-dangerous -ftree-loop-distribution -L/usr/local/lib -fstack-protector' --- @INC for perl 5.20.2: /opt/perl-5.20.2/lib/site_perl/5.20.2/x86_64-linux-ld /opt/perl-5.20.2/lib/site_perl/5.20.2 /opt/perl-5.20.2/vendor/lib/vendor_perl/5.20.2/x86_64-linux-ld /opt/perl-5.20.2/vendor/lib/vendor_perl/5.20.2 /opt/perl-5.20.2/lib/5.20.2/x86_64-linux-ld /opt/perl-5.20.2/lib/5.20.2 . --- Environment for perl 5.20.2: HOME=/home/zefram LANG (unset) LANGUAGE (unset) LD_LIBRARY_PATH (unset) LOGDIR (unset) PATH=/home/zefram/pub/x86_64-unknown-linux-gnu/bin:/home/zefram/pub/common/bin:/usr/bin:/bin:/usr/local/bin:/usr/games:/opt/babelhttpd-2.2.26/bin:/opt/babelhttpd-2.4.7/bin:/opt/geoip/bin:/opt/httpd/bin:/opt/perl/bin PERL_BADLANG (unset) SHELL=/usr/bin/zsh
Date: Thu, 9 Apr 2015 21:15:25 +0200
CC: "bugs-bitbucket [...] rt.perl.org" <bugs-bitbucket [...] rt.perl.org>
From: Leon Timmermans <fawaka [...] gmail.com>
Subject: Re: [perl #124275] shell injection in c2ph
To: Perl5 Porters <perl5-porters [...] perl.org>
Download (untitled) / with headers
text/plain 727b
On Thu, Apr 9, 2015 at 5:39 PM, Zefram <perlbug-followup@perl.org> wrote:
Show quoted text
$ /opt/perl/bin/c2ph -n ';echo wibble.c'
cc: fatal error: no input files
compilation terminated.
wibble.c
Can't open ;echo wibble.s: No such file or directory at /opt/perl/bin/c2ph line 475.

The program is doing things with the supplied filenames that assume
they contain only ordinary characters.  Obviously the author, whoever
he might be, is not familiar with Unix.

The author was Tom Christiansen, and I believe he's quite familiar with Unix. It was written in perl4 in 1991 and hasn't been updated much since, I think that is the real problem. IMNSHO the best way to deal with this is to remove it from core entirely.

Leon



This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

For issues related to this RT instance (aka "perlbug"), please contact perlbug-admin at perl.org