rpm/cgit
SHA256
1
0
Fork 0
forked from pool/cgit
Code Pull Requests Activity
b819ff884b
cgit/cgit-CVE-2012-4548-fix.diff

25 lines
913 B
Diff
Raw Normal View History

Accepting request 139647 from home:tiwai:branches:devel:tools:scm - cgit-CVE-2012-4548-fix.diff: Fix VUL-0: cgit: arbitrary code / command execution via improperly quoted arguments (CVE-2012-4548, bnc#787074) OBS-URL: https://build.opensuse.org/request/show/139647 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/cgit?expand=0&rev=14
2012-10-29 12:00:17 +01:00
From 7ea35f9f8ecf61ab42be9947aae1176ab6e089bd Mon Sep 17 00:00:00 2001
From: Jason A. Donenfeld <Jason@zx2c4.com>
Date: Sun, 28 Oct 2012 02:03:41 +0000
Subject: syntax-highlighting.sh: Fix command injection.
By not quoting the argument, an attacker with the ability to add files
to the repository could pass arbitrary arguments to the highlight
command, in particular, the --plug-in argument which can lead to
arbitrary command execution.
This patch adds simple argument quoting.
---
---
filters/syntax-highlighting.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/filters/syntax-highlighting.sh
+++ b/filters/syntax-highlighting.sh
@@ -31,4 +31,4 @@ EXTENSION="${BASENAME##*.}"
# map Makefile and Makefile.* to .mk
[ "${BASENAME%%.*}" == "Makefile" ] && EXTENSION=mk
-exec highlight --force -f -I -X -S $EXTENSION 2>/dev/null
+exec highlight --force -f -I -X -S "$EXTENSION" 2>/dev/null
Copy Permalink