[pacman-dev] [PATCH v2 3/3] run XferCommand via exec
Allan McRae
allan at archlinux.org
Sat Oct 12 10:41:47 UTC 2019
On 12/10/19 1:45 pm, Andrew Gregory wrote:
> system() runs the provided command via a shell, which is subject to
> command injection. Even though pacman already provides a mechanism to
> sign and verify the databases containing the urls, certain distributions
> have yet to get their act together and start signing databases, leaving
> them vulnerable to MITM attacks. Replacing the system call with an
> almost equivalent exec call removes the possibility of a shell-injection
> attack for those users.
>
> Signed-off-by: Andrew Gregory <andrew.gregory.8 at gmail.com>
> ---
> v2:
> * properly deal with signals
> * pass errno via pipe instead of mmap
> * fix debug logging
>
> src/pacman/conf.c | 129 ++++++++++++++++++++++++----
> src/pacman/conf.h | 2 +
> test/pacman/tests/sync200.py | 2 +-
> test/pacman/tests/xfercommand001.py | 2 +-
> 4 files changed, 116 insertions(+), 19 deletions(-)
>
> diff --git a/src/pacman/conf.c b/src/pacman/conf.c
> index 2d8518c4..9a39bba9 100644
> --- a/src/pacman/conf.c
> +++ b/src/pacman/conf.c
> @@ -29,6 +29,7 @@
> #include <sys/stat.h>
> #include <sys/types.h>
> #include <sys/utsname.h> /* uname */
> +#include <sys/wait.h>
> #include <unistd.h>
>
> /* pacman */
> @@ -153,6 +154,7 @@ int config_free(config_t *oldconfig)
> free(oldconfig->print_format);
> free(oldconfig->arch);
> free(oldconfig);
> + wordsplit_free(oldconfig->xfercommand_argv);
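Review bot: wordsplit_free(oldconfig->xfercommand_argv) sits after free(oldconfig) in config_free(), so it reads oldconfig->xfercommand_argv from memory that has already been freed. Move the call above free(oldconfig), next to the other member frees such as free(oldconfig->arch).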
This line needs to be one higher.
A
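The difference the commit message describes between system() and exec, as an added example that is not part of the patch or of pacman's code: `true` stands in for a configured XferCommand, and the URL and marker path are constructed for the demonstration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

#define MARKER "/tmp/xfercommand_demo_marker"   /* constructed path */
/* Constructed URL: everything after ';' is shell syntax, not part of a URL. */
#define HOSTILE_URL "http://mirror.invalid/core.db; : > " MARKER

/* Returns 1 if the marker exists (the injected text was executed), then removes it. */
static int marker_created(void) {
    int hit = access(MARKER, F_OK) == 0;
    unlink(MARKER);
    return hit;
}

/* Old behaviour: the URL is pasted into a string that /bin/sh then parses. */
int fetch_with_system(const char *url) {
    char cmd[512];
    unlink(MARKER);
    snprintf(cmd, sizeof(cmd), "true %s", url);
    if (system(cmd) == -1) return -1;
    return marker_created();
}

/* New behaviour: the URL is exactly one argv element and no shell sees it. */
int fetch_with_exec(const char *url) {
    char *argv[] = { "true", (char *)url, NULL };
    int status;
    unlink(MARKER);
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execvp(argv[0], argv);
        _exit(127);                 /* only reached if exec itself failed */
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return marker_created();
}

int main(void) {
    printf("system(): injected command ran = %d\n", fetch_with_system(HOSTILE_URL));
    printf("execvp(): injected command ran = %d\n", fetch_with_exec(HOSTILE_URL));
    return 0;
}
```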