WingNews logo WingNews
top | item 46316056

(no title)

bah_humbug | 2 months ago

> resolvconf(8) is a shell script which does not validate its input. A lack of quoting meant that shell commands pass as input to resolvconf(8) may be executed.

The fix consists of implementing an XXX present since the code was added:

    /*
     * XXX validate that domain name only contains valid characters
     * for two reasons: 1) correctness, 2) we do not want to pass
     * possible malicious, unescaped characters like `` to a script
     * or program that could be exploited that way.
     */
https://www.freebsd.org/security/patches/SA-25:12/rtsold.pat...

discuss

order

jandrese|2 months ago

It is wild that it was in that state for so long. It probably took just about as long to write that comment as it would have to implement the proper solution.

apstls|2 months ago

grep --include=*.{c,h} -rnw -B3 -A15 'XXX' ./ | claude -p 'Analyze each code snippet and pick the five most concerning, from a security perspective.'