1*4882a593SmuzhiyunFrom 3fcd042d26d70856e826a42b5f93dc4854d80bf0 Mon Sep 17 00:00:00 2001
2*4882a593SmuzhiyunFrom: Andreas Gruenbacher <agruen@gnu.org>
3*4882a593SmuzhiyunDate: Fri, 6 Apr 2018 19:36:15 +0200
4*4882a593SmuzhiyunSubject: Invoke ed directly instead of using the shell
5*4882a593Smuzhiyun
6*4882a593Smuzhiyun* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
7*4882a593Smuzhiyuncommand to avoid quoting vulnerabilities.
8*4882a593Smuzhiyun[Retrieved from:
9*4882a593Smuzhiyunhttps://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0]
10*4882a593SmuzhiyunSigned-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
11*4882a593Smuzhiyun---
12*4882a593Smuzhiyun src/pch.c | 6 ++----
13*4882a593Smuzhiyun 1 file changed, 2 insertions(+), 4 deletions(-)
14*4882a593Smuzhiyun
15*4882a593Smuzhiyundiff --git a/src/pch.c b/src/pch.c
16*4882a593Smuzhiyunindex 4fd5a05..16e001a 100644
17*4882a593Smuzhiyun--- a/src/pch.c
18*4882a593Smuzhiyun+++ b/src/pch.c
19*4882a593Smuzhiyun@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char const *outname,
20*4882a593Smuzhiyun *outname_needs_removal = true;
21*4882a593Smuzhiyun copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
22*4882a593Smuzhiyun }
23*4882a593Smuzhiyun- sprintf (buf, "%s %s%s", editor_program,
24*4882a593Smuzhiyun- verbosity == VERBOSE ? "" : "- ",
25*4882a593Smuzhiyun- outname);
26*4882a593Smuzhiyun fflush (stdout);
27*4882a593Smuzhiyun
28*4882a593Smuzhiyun pid = fork();
29*4882a593Smuzhiyun@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char const *outname,
30*4882a593Smuzhiyun else if (pid == 0)
31*4882a593Smuzhiyun {
32*4882a593Smuzhiyun dup2 (tmpfd, 0);
33*4882a593Smuzhiyun- execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
34*4882a593Smuzhiyun+ assert (outname[0] != '!' && outname[0] != '-');
35*4882a593Smuzhiyun+ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
36*4882a593Smuzhiyun _exit (2);
37*4882a593Smuzhiyun }
38*4882a593Smuzhiyun else
39*4882a593Smuzhiyun--
40*4882a593Smuzhiyuncgit v1.2.1
41*4882a593Smuzhiyun
42
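Review bot: The added `assert (outname[0] != '!' && outname[0] != '-')` in the child branch appears to be the only guard that keeps ed from reading a leading `!` or `-` in outname as something other than a plain file name, and assert() expands to nothing when NDEBUG is defined. An explicit runtime check before the `execlp`, for example `if (outname[0] == '!' || outname[0] == '-') _exit (2);`, would keep that protection in every build and fail the same way a failed exec already does. Separately, the removed `sprintf` passed `-` only when `verbosity != VERBOSE`, while the new `execlp` always passes it, so verbose runs now start ed in its quiet mode too; if that is intended, a one-line comment saying so would help. do_ed_script begins and ends outside this hunk, so whether callers already constrain outname (for instance to a generated temporary name) is not visible here.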