Takashi Iwai
b819ff884b
- cgit-CVE-2012-4548-fix.diff: Fix VUL-0: cgit: arbitrary code / command execution via improperly quoted arguments (CVE-2012-4548, bnc#787074) OBS-URL: https://build.opensuse.org/request/show/139647 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/cgit?expand=0&rev=14
25 lines
913 B
Diff
25 lines
913 B
Diff
From 7ea35f9f8ecf61ab42be9947aae1176ab6e089bd Mon Sep 17 00:00:00 2001
|
|
From: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Date: Sun, 28 Oct 2012 02:03:41 +0000
|
|
Subject: syntax-highlighting.sh: Fix command injection.
|
|
|
|
By not quoting the argument, an attacker with the ability to add files
|
|
to the repository could pass arbitrary arguments to the highlight
|
|
command, in particular, the --plug-in argument which can lead to
|
|
arbitrary command execution.
|
|
|
|
This patch adds simple argument quoting.
|
|
---
|
|
---
|
|
filters/syntax-highlighting.sh | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
--- a/filters/syntax-highlighting.sh
|
|
+++ b/filters/syntax-highlighting.sh
|
|
@@ -31,4 +31,4 @@ EXTENSION="${BASENAME##*.}"
|
|
# map Makefile and Makefile.* to .mk
|
|
[ "${BASENAME%%.*}" == "Makefile" ] && EXTENSION=mk
|
|
|
|
-exec highlight --force -f -I -X -S $EXTENSION 2>/dev/null
|
|
+exec highlight --force -f -I -X -S "$EXTENSION" 2>/dev/null
|