On 6/6/19 8:53 AM, Greg Wooledge wrote:
> On Thu, Jun 06, 2019 at 11:33:56AM +1000, David wrote:
>> Regarding $((...)) when Chet refers above to "the expression between the
>> parens"
>> he means whatever is between the parentheses, in this case the three dots.
>>
>> If I understand correctly,
On 6.6. 15:53, Greg Wooledge wrote:
wooledg:~$ echo $(( a[$i] ))
Tue 04 Jun 2019 09:23:28 AM EDT
0
wooledg:~$ echo $(( 'a[$i]' ))
bash: 'a[$(date >&2)]' : syntax error: operand expected (error token is "'a[$(date
>&2)]' ")
I definitely got different results when I added single quotes.
On Thu, Jun 06, 2019 at 11:33:56AM +1000, David wrote:
> Regarding $((...)) when Chet refers above to "the expression between the
> parens"
> he means whatever is between the parentheses, in this case the three dots.
>
> If I understand correctly, Chet is saying there that $((...)) is
> parsed
On Thu, 6 Jun 2019 at 03:40, Ilkka Virta wrote:
> On 5.6. 17:05, Chet Ramey wrote:
> > On 6/4/19 3:26 PM, Ilkka Virta wrote:
>
> >>$ echo "$(( 'a[2]' ))"
> >>bash: 'a[2]' : syntax error: operand expected (error token is "'a[2]' ")
> >
> > The expression between the parens is treated as if
On 6/5/19 1:39 PM, Ilkka Virta wrote:
> On 5.6. 17:05, Chet Ramey wrote:
>> On 6/4/19 3:26 PM, Ilkka Virta wrote:
>>> If the bad user supplied variable contains array indexing in itself, e.g.
>>> bad='none[$(date >&2)]' then using it in an arithmetic expansion still
>>> executes the 'date', single
On 5.6. 17:05, Chet Ramey wrote:
On 6/4/19 3:26 PM, Ilkka Virta wrote:
If the bad user supplied variable contains array indexing in itself, e.g.
bad='none[$(date >&2)]' then using it in an arithmetic expansion still
executes the 'date', single quotes or not (the array doesn't need to exist):
On 6/4/19 3:26 PM, Ilkka Virta wrote:
> On 4.6. 16:24, Greg Wooledge wrote:
>> On Tue, Jun 04, 2019 at 01:42:40PM +0200, Nils Emmerich wrote:
>>> Bash Version: 5.0
>>> Patch Level: 0
>>> Release Status: release
>>>
>>> Description:
>>> It is possible to get code execution via a user
On 4.6. 16:24, Greg Wooledge wrote:
On Tue, Jun 04, 2019 at 01:42:40PM +0200, Nils Emmerich wrote:
Bash Version: 5.0
Patch Level: 0
Release Status: release
Description:
It is possible to get code execution via a user supplied variable in
the mathematical context.
For example: ((
If you run
echo "$((v))"
and v is a user supplied variable.
If the user put a specific string in v, he can execute whatever he wants
in the name of the script, because echo "$((v))" will run that code.
Am 6/4/2019 um 4:29 PM schrieb Chet Ramey:
On 6/4/19 7:42 AM, Nils Emmerich wrote:
Bash
On 6/4/19 7:42 AM, Nils Emmerich wrote:
> Bash Version: 5.0
> Patch Level: 0
> Release Status: release
>
> Description:
> It is possible to get code execution via a user supplied variable
> in the mathematical context.
> I don't know if this is considered a bug or not, but if
On Tue, Jun 04, 2019 at 01:42:40PM +0200, Nils Emmerich wrote:
> Configuration Information [Automatically generated, do not change]:
> Machine: x86_64
> OS: linux-gnu
> Compiler: gcc
> Compilation CFLAGS: -g -O2 -Wno-parentheses -Wno-format-security
> uname output: Linux VirtualBox
Configuration Information [Automatically generated, do not change]:
Machine: x86_64
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS: -g -O2 -Wno-parentheses -Wno-format-security
uname output: Linux VirtualBox 4.18.0-20-generic #21~18.04.1-Ubuntu SMP $
Machine Type: x86_64-pc-linux-gnu
Bash
12 matches
Mail list logo
