Full Disclosure mailing list archives
Re: sh-httpd `wildcard character' vulnerability
From: Thomas Binder <full-disclosure () arago de>
Date: Mon, 27 Oct 2003 17:40:26 +0100
Hi!

On Mon, Oct 27, 2003 at 10:42:45PM +0800, dong-h0un U wrote:
[...] bname() { local IFS='/' - set -- $1 + set -- "$1" eval rc="\$$#" [ "$rc" = "" ] && eval rc="\$$(($# - 1))" echo "$rc"
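Review bot: in bname(), quoting the argument in `set -- "$1"` stops the wildcard expansion but also stops the split on IFS='/', so $# is always 1 and the following `eval rc="\$$#"` yields the whole path instead of its last component. Keep `set -- $1` unquoted and wrap it in `set -f` / `set +f`, so the split still happens with pathname expansion turned off.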
Mhmm, doesn't that break things, as $# will always be 1 if you do

    set -- "$some_variable"

no matter how many instances of $IFS there are in $some_variable:

    $ foo="/a/b/c/d"
    $ IFS='/'
    $ set -- "$foo"
    $ echo $#
    1
    $ echo "$1"
    a/b/c/d

Actually, $# should be 4 and $1 should be "a"

I'd rather suggest using

    set -f
    set -- $some_variable
    set +f

to disable wildcard expansion for the set-statement:

    $ foo="/var/tmp/*"
    $ IFS='/'
    $ set -f
    $ set $foo
    $ set +f
    $ echo $#
    3
    $ echo "1: $2, 2: $2, 3: $3"
    1: tmp, 2: tmp, 3: *

Ciao

Thomas
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
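The three forms of the split discussed in this message, side by side, as an added example that is not part of the original post and not sh-httpd's own code. The function names (last_field, bname_glob, bname_quoted, bname_noglob), the scratch directory and the two file names in it are constructed for the demonstration.

```shell
#!/bin/sh
# Added example with constructed inputs; not sh-httpd's own code.

# Print the last non-empty positional argument.
last_field() {
    rc=''
    for f in "$@"; do
        if [ -n "$f" ]; then rc=$f; fi
    done
    printf '%s\n' "$rc"
}

# Unquoted split with globbing on: a field containing a wildcard is
# expanded against the current directory before bname sees it.
bname_glob() (
    IFS='/'
    set -- $1
    last_field "$@"
)

# Quoted form from the patch: no wildcard expansion, but no splitting either.
bname_quoted() (
    IFS='/'
    set -- "$1"
    last_field "$@"
)

# Form suggested in the reply: split on '/', pathname expansion disabled.
bname_noglob() (
    IFS='/'
    set -f
    set -- $1
    set +f
    last_field "$@"
)

# Constructed scratch directory standing in for the server's working directory.
demo_dir=$(mktemp -d) || exit 1
trap 'rm -rf "$demo_dir"' EXIT
cd "$demo_dir" || exit 1
: > index.html
: > secret.txt

for fn in bname_glob bname_quoted bname_noglob; do
    printf '%-12s %s\n' "$fn" "$("$fn" '/var/tmp/*')"
done
```

Each function body runs in a subshell, so the IFS and `set -f` changes do not leak into the caller.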