Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

shell injection in c2ph #14643

Open
p5pRT opened this issue Apr 9, 2015 · 3 comments
Open

shell injection in c2ph #14643

p5pRT opened this issue Apr 9, 2015 · 3 comments
Labels
distro-Linux type-utilities

Comments

@p5pRT
Copy link

p5pRT commented Apr 9, 2015

Migrated from rt.perl.org#124275 (status was 'open')

Searchable as RT124275$
@p5pRT
Copy link
Author

p5pRT commented Apr 9, 2015

From zefram@fysh.org

Created by zefram@fysh.org

$ /opt/perl/bin/c2ph -n ';echo wibble.c'
cc​: fatal error​: no input files
compilation terminated.
wibble.c
Can't open ;echo wibble.s​: No such file or directory at /opt/perl/bin/c2ph line 475.

The program is doing things with the supplied filenames that assume
they contain only ordinary characters. Obviously the author, whoever
he might be, is not familiar with Unix.

Perl Info 

Flags:
    category=utilities
    severity=low

Site configuration information for perl 5.20.2:

Configured by root at Fri Mar 20 11:06:52 UTC 2015.

Summary of my perl5 (revision 5 version 20 subversion 2) configuration:
   
  Platform:
    osname=linux, osvers=3.2.0-4-amd64, archname=x86_64-linux-ld
    uname='linux ukmcwzefram.photobox.priv 3.2.0-4-amd64 #1 smp debian 3.2.60-1+deb7u3 x86_64 gnulinux '
    config_args='-des -Duseshrplib -Duse64bitint -Duselongdouble -Uusethreads -Uusemultiplicity -Dprefix=/opt/perl-5.20.2 -Dsiteprefix=/opt/perl-5.20.2 -Dvendorprefix=/opt/perl-5.20.2/vendor -Doptimize=-ggdb -O3 -fbranch-target-load-optimize -fgcse-las -fgcse-sm -fipa-pta -floop-block -floop-interchange -floop-strip-mine -fmodulo-sched -fomit-frame-pointer -freorder-blocks-and-partition -fsched-spec-load -fsched-spec-load-dangerous -ftree-loop-distribution -Dcccdlflags=-fPIC -O3 -pipe'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=undef, usemultiplicity=undef
    use64bitint=define, use64bitall=define, uselongdouble=define
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='cc', ccflags ='-fwrapv -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-ggdb -O3 -fbranch-target-load-optimize -fgcse-las -fgcse-sm -fipa-pta -floop-block -floop-interchange -floop-strip-mine -fmodulo-sched -fomit-frame-pointer -freorder-blocks-and-partition -fsched-spec-load -fsched-spec-load-dangerous -ftree-loop-distribution',
    cppflags='-fwrapv -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include'
    ccversion='', gccversion='4.7.2', gccosandvers=''
    intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=8, nvtype='long double', nvsize=16, Off_t='off_t', lseeksize=8
    alignbytes=16, prototype=define
  Linker and Libraries:
    ld='cc', ldflags =' -fstack-protector -L/usr/local/lib'
    libpth=/usr/local/lib /usr/lib/gcc/x86_64-linux-gnu/4.7/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /lib/x86_64-linux-gnu /lib/../lib /usr/lib/x86_64-linux-gnu /usr/lib/../lib /lib
    libs=-lnsl -ldb -ldl -lm -lcrypt -lutil -lc
    perllibs=-lnsl -ldl -lm -lcrypt -lutil -lc
    libc=libc-2.17.so, so=so, useshrplib=true, libperl=libperl.so
    gnulibc_version='2.17'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E -Wl,-rpath,/opt/perl-5.20.2/lib/5.20.2/x86_64-linux-ld/CORE'
    cccdlflags='-fPIC -O3 -pipe', lddlflags='-shared -ggdb -O3 -fbranch-target-load-optimize -fgcse-las -fgcse-sm -fipa-pta -floop-block -floop-interchange -floop-strip-mine -fmodulo-sched -fomit-frame-pointer -freorder-blocks-and-partition -fsched-spec-load -fsched-spec-load-dangerous -ftree-loop-distribution -L/usr/local/lib -fstack-protector'



@INC for perl 5.20.2:
    /opt/perl-5.20.2/lib/site_perl/5.20.2/x86_64-linux-ld
    /opt/perl-5.20.2/lib/site_perl/5.20.2
    /opt/perl-5.20.2/vendor/lib/vendor_perl/5.20.2/x86_64-linux-ld
    /opt/perl-5.20.2/vendor/lib/vendor_perl/5.20.2
    /opt/perl-5.20.2/lib/5.20.2/x86_64-linux-ld
    /opt/perl-5.20.2/lib/5.20.2
    .


Environment for perl 5.20.2:
    HOME=/home/zefram
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/home/zefram/pub/x86_64-unknown-linux-gnu/bin:/home/zefram/pub/common/bin:/usr/bin:/bin:/usr/local/bin:/usr/games:/opt/babelhttpd-2.2.26/bin:/opt/babelhttpd-2.4.7/bin:/opt/geoip/bin:/opt/httpd/bin:/opt/perl/bin
    PERL_BADLANG (unset)
    SHELL=/usr/bin/zsh

@p5pRT
Copy link
Author

p5pRT commented Apr 9, 2015

From @Leont

On Thu, Apr 9, 2015 at 5​:39 PM, Zefram <perlbug-followup@​perl.org> wrote​:

$ /opt/perl/bin/c2ph -n ';echo wibble.c'
cc​: fatal error​: no input files
compilation terminated.
wibble.c
Can't open ;echo wibble.s​: No such file or directory at /opt/perl/bin/c2ph
line 475.

The program is doing things with the supplied filenames that assume
they contain only ordinary characters. Obviously the author, whoever
he might be, is not familiar with Unix.

The author was Tom Christiansen, and I believe he's quite familiar with
Unix. It was written in perl4 in 1991 and hasn't been updated much since, I
think that is the real problem. IMNSHO the best way to deal with this is to
remove it from core entirely.

Leon

@p5pRT
Copy link
Author

p5pRT commented Apr 9, 2015

The RT System itself - Status changed from 'new' to 'open'

@xenu xenu removed the affects-5.20 label Nov 19, 2021
@xenu xenu removed the Severity Low label Dec 29, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
distro-Linux type-utilities
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@xenu @p5pRT