mirror of
https://github.com/opnsense/src.git
synced 2026-02-16 00:58:21 -05:00
Austin Group bugs #1226 and #1250 changed the requirements for shell scripts without #! (POSIX does not specify #!; this is about the shell execution when execve(2) returns an [ENOEXEC] error). POSIX says we shall allow execution if the initial part intended to be parsed by the shell consists of characters and does not contain the NUL character. This allows concatenating a shell script (ending with exec or exit) and a binary payload. In order to reject common binary files such as PNG images, check that there is a lowercase letter or expansion before the last newline before the NUL character, in addition to the check for the newline character suggested by POSIX.
8 lines
247 B
Text
8 lines
247 B
Text
# $FreeBSD$
|
|
|
|
T=`mktemp -d "${TMPDIR:-/tmp}/sh-test.XXXXXXXX"` || exit
|
|
trap 'rm -rf "${T}"' 0
|
|
printf 'printf "this "\necho is a test\nexit\n\0' >"$T/testshellproc"
|
|
chmod 755 "$T/testshellproc"
|
|
PATH=$T:$PATH
|
|
[ "`testshellproc`" = "this is a test" ]
|