[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] bash path normalization bug

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] bash path normalization bug
From: "Andris Berzins" <pkix@xxxxxxxx>
Date: Thu, 15 Nov 2012 22:09:56 +0200

$ bash --version<br />GNU bash, version 4.2.8(1)-release 
(x86_64-pc-linux-gnu)<br /><br />$ bash --version<br />GNU bash, version 
4.0.28(1)-release (i386-pc-solaris2.8)<br /><br />Bash fails to normalize path 
starting starting with "//" and will consider "/" and "//" to be different 
paths:<br /><br />$ cd /tmp &amp;&amp; pwd<br />/tmp<br />$ cd //tmp &amp;&amp; 
pwd<br />//tmp<br /><br />Scripts which do path normalization by:<code><span 
class="pln"><br />normalDir</span><span class="pun">=</span><span 
class="str">`cd "${dirToNormalize}";pwd`</span></code><br /><br />and check it 
against blacklists are vulnerable.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] bash path normalization bug
  - From: Seth Arnold

Prev by Date: [Full-disclosure] [SECURITY] [DSA 2575-1] tiff security update
Next by Date: [Full-disclosure] Open-Realty CMS 2.5.8 (2.x.x) <= Cross Site Request Forgery (CSRF) Vulnerability
Previous by thread: [Full-disclosure] [SECURITY] [DSA 2575-1] tiff security update
Next by thread: Re: [Full-disclosure] bash path normalization bug
Index(es):
- Date
- Thread