Message-Id: <20220922114715.237279-1-xu.panda@zte.com.cn>
Date:   Thu, 22 Sep 2022 11:47:17 +0000
From:   cgel.zte@...il.com
To:     linux-kernel@...r.kernel.org
Cc:     Xu Panda <xu.panda@....com.cn>, Zeal Robot <zealci@....com.cn>
Subject: [PATCH linux-next] scripts/get_dvb_firmware: use absolute path when using system()

From: Xu Panda <xu.panda@....com.cn>

Not using an absolute path when using system() can lead to serious
security issues.
---
FYI:
We have to abide by strict rules. When we send out emails, it
will be forwarded by the unified mailbox. When we want to send emails in
personal name to anyone outside the company, we must apply for it, which
is far more difficult than modifying patches. I'm really sorry I can't
reply to you guys.
I used ./scripts/get_maintainer.pl scripts/get_dvb_firmware and only got
linux-kernel@...r.kernel.org (open list), so I didn't add -cc.
It can cause serious problems when using system(); maybe there's a better
way than using absolute paths, but there's no reason for a serious bug
to stay in the kernel.
Please give me some inspiration, thanks a lot.
---
Reported-by: Zeal Robot <zealci@....com.cn>
Signed-off-by: Xu Panda <xu.panda@....com.cn>
---
 scripts/get_dvb_firmware | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/scripts/get_dvb_firmware b/scripts/get_dvb_firmware
index 1a90802410bc..4ca5aef4203b 100755
--- a/scripts/get_dvb_firmware
+++ b/scripts/get_dvb_firmware
@@ -807,19 +807,19 @@ sub si2165 {
 # Utilities
 
 sub checkstandard {
-    if (system("which unzip > /dev/null 2>&1")) {
+    if (system("/usr/bin/which unzip > /dev/null 2>&1")) {
 	die "This firmware requires the unzip command - see ftp://ftp.info-zip.org/pub/infozip/UnZip.html\n";
     }
-    if (system("which md5sum > /dev/null 2>&1")) {
+    if (system("/usr/bin/which md5sum > /dev/null 2>&1")) {
 	die "This firmware requires the md5sum command - see http://www.gnu.org/software/coreutils/\n";
     }
-    if (system("which wget > /dev/null 2>&1")) {
+    if (system("/usr/bin/which wget > /dev/null 2>&1")) {
 	die "This firmware requires the wget command - see http://wget.sunsite.dk/\n";
     }
 }
 
 sub checkunshield {
-    if (system("which unshield > /dev/null 2>&1")) {
+    if (system("/usr/bin/which unshield > /dev/null 2>&1")) {
 	die "This firmware requires the unshield command - see http://sourceforge.net/projects/synce/\n";
     }
 }
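Review bot: hardcoding `/usr/bin/which` in checkstandard() and checkunshield() makes the check fail outright on systems where `which` lives elsewhere (historically /bin/which on Debian before merged /usr, a different prefix on NixOS), and the check no longer agrees with what the script later executes: `/usr/bin/which unzip` succeeds when unzip is anywhere on PATH, e.g. /usr/local/bin, yet the unzip() sub below runs `/usr/bin/unzip`, so the check passes and the extraction still fails. If the intent is a PATH-independent check, probe the same absolute path that will be executed with Perl's file test (`-x '/usr/bin/unzip'`, no subprocess needed) or keep the PATH lookup for both. The commit message should also state what threat a hardcoded path defends against here, since this script is run by a user in the user's own environment with the user's own PATH.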
@@ -828,14 +828,14 @@ sub wgetfile {
     my ($sourcefile, $url) = @_;
 
     if (! -f $sourcefile) {
-	system("wget -O \"$sourcefile\" \"$url\"") and die "wget failed - unable to download firmware";
+	system("/usr/bin/wget -O \"$sourcefile\" \"$url\"") and die "wget failed - unable to download firmware";
     }
 }
 
 sub unzip {
     my ($sourcefile, $todir) = @_;
 
-    $status = system("unzip -q -o -d \"$todir\" \"$sourcefile\" 2>/dev/null" );
+    $status = system("/usr/bin/unzip -q -o -d \"$todir\" \"$sourcefile\" 2>/dev/null" );
     if ((($status >> 8) > 2) || (($status & 0xff) != 0)) {
 	die ("unzip failed - unable to extract firmware");
     }
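Review bot: the more robust fix for these two calls is the list form of system(), e.g. `system('wget', '-O', $sourcefile, $url) and die "wget failed - unable to download firmware";`, which bypasses /bin/sh entirely: no absolute path for the binary is needed, and, more importantly, $sourcefile and $url stop being interpolated into a shell command string where a quote character in the value breaks out of the `\"...\"` quoting. The absolute path alone leaves that interpolation in place and adds the portability assumption that wget and unzip live in /usr/bin. Note that in list form no shell parses `2>/dev/null`, so the unzip call's stderr suppression would have to be done in Perl (e.g. redirecting STDERR around the call) rather than in the command string.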
@@ -862,7 +862,7 @@ sub verify {
 sub copy {
     my ($from, $to) = @_;
 
-    system("cp -f \"$from\" \"$to\"") and die ("cp failed");
+    system("/usr/bin/cp -f \"$from\" \"$to\"") and die ("cp failed");
 }
 
 sub extract {
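Review bot: copy() does not need an external process at all: File::Copy is a core Perl module, so `use File::Copy ();` and `File::Copy::copy($from, $to) or die "cp failed: $!";` (fully qualified, because this script's own sub is also named copy and a default import would clash with it) gives the same result with no shell, no PATH lookup and no dependence on cp living in /usr/bin (on systems without merged /usr it is /bin/cp). That addresses the concern behind this patch more completely than hardcoding a path.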
-- 
2.15.2     
