Date: Sat, 30 Jan 2021 23:10:09 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: Jilles Tjoelker <jilles@FreeBSD.org>, src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: Re: git: 3708b615c354 - stable/12 - sh: Allow more scripts without #! Message-ID: <5cee1fe4-8aa8-0ad7-55ab-125bfbcb7c7f@grosbein.net> In-Reply-To: <202101301511.10UFBjcd033018@gitrepo.freebsd.org> References: <202101301511.10UFBjcd033018@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
30.01.2021 22:11, Jilles Tjoelker wrote:
[skip]
> +static bool
> +isbinary(const char *data, size_t len)
> +{
> + const char *nul, *p;
> + bool hasletter;
> +
> + nul = memchr(data, '\0', len);
> + if (nul == NULL)
> + return false;
> + /*
> + * POSIX says we shall allow execution if the initial part intended
> + * to be parsed by the shell consists of characters and does not
> + * contain the NUL character. This allows concatenating a shell
> + * script (ending with exec or exit) and a binary payload.
> + *
> + * In order to reject common binary files such as PNG images, check
> + * that there is a lowercase letter or expansion before the last
> + * newline before the NUL character, in addition to the check for
> + * the newline character suggested by POSIX.
> + */
> + hasletter = false;
> + for (p = data; *p != '\0'; p++) {
> + if ((*p >= 'a' && *p <= 'z') || *p == '$' || *p == '`')
> + hasletter = true;
> + if (hasletter && *p == '\n')
> + return false;
> + }
> + return true;
> +}
Before last newline or before first newline?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5cee1fe4-8aa8-0ad7-55ab-125bfbcb7c7f>