[Dnsmasq-discuss] Shellshock.
richardvoigt at gmail.com
richardvoigt at gmail.com
Tue Sep 30 13:38:09 BST 2014
The problem is that there seems to be no standard for what characters have
special meaning in environment variables (other than the usual "none do"
which bash is violating here). Without that, or at least a guarantee that
certain character AREN'T special, it's not possible to sanitize.
On Tue, Sep 30, 2014 at 4:05 AM, Roy Marples <roy at marples.name> wrote:
> Hi Simon
>
> On Monday 29 Sep 2014 20:17:56 Simon Kelley wrote:
> > There's no definition of what is allowed in those DHCP options, so it's
> > quite possible that a shell metacharacter would be encountered.
> > Sanitising the strings would therefore change what gets passed to the
> > script, ie it would be an API change.
>
> I've not looked at the dnsmasq source for this, but are you encoding binary
> non graphic data? If not, what is the expectation in script? If so, you are
> encoding it regardless - thus if you encode the shell metas in a similar
> fashion the API hasn't changed.
>
> Just because the DHCP RFC for option foo says it's an ASCII string does not
> mean that's what is really in the option, could easily be a PNG of Rick
> Astley!
>
> > Of course, the shell isn't supposed to interpret metacharacters in the
> > value of shell variables unless explicitly told to: so sanitising
> > shouldn't be required (though I concede it would mitigate a lot of
> > common shell-script errors.)
>
> Shells shouldn't allow function definitions in variables, but here we are
> :)
>
> Thanks
>
> Roy
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20140930/43c9f5c0/attachment.html>
More information about the Dnsmasq-discuss
mailing list