From owner-dev-commits-src-all@freebsd.org Sat Jan 30 22:26:26 2021 Return-Path: Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7A0274FB20A; Sat, 30 Jan 2021 22:26:26 +0000 (UTC) (envelope-from jilles@stack.nl) Received: from mail02.stack.nl (scw01.stack.nl [51.15.111.152]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "*.stack.nl", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DSphf1mgdz3N5X; Sat, 30 Jan 2021 22:26:25 +0000 (UTC) (envelope-from jilles@stack.nl) Received: from localhost (localhost.localdomain [127.0.0.1]) by mail02.stack.nl (Postfix) with ESMTP id 31EFF1E00A3; Sat, 30 Jan 2021 22:26:18 +0000 (UTC) Received: from mail02.stack.nl ([127.0.0.1]) by localhost (mail02.stack.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AD1OxuHvbFJ0; Sat, 30 Jan 2021 22:26:16 +0000 (UTC) Received: from blade.stack.nl (blade.stack.nl [192.168.121.130]) by mail02.stack.nl (Postfix) with ESMTP id 5AFCC1E0093; Sat, 30 Jan 2021 22:26:16 +0000 (UTC) Received: by blade.stack.nl (Postfix, from userid 1677) id 43D642422A8; Sat, 30 Jan 2021 23:26:16 +0100 (CET) Date: Sat, 30 Jan 2021 23:26:16 +0100 From: Jilles Tjoelker To: Eugene Grosbein Cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: Re: git: 3708b615c354 - stable/12 - sh: Allow more scripts without #! Message-ID: <20210130222616.GA4539@stack.nl> References: <202101301511.10UFBjcd033018@gitrepo.freebsd.org> <5cee1fe4-8aa8-0ad7-55ab-125bfbcb7c7f@grosbein.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5cee1fe4-8aa8-0ad7-55ab-125bfbcb7c7f@grosbein.net> User-Agent: Mutt/1.9.4 (2018-02-28) X-Rspamd-Queue-Id: 4DSphf1mgdz3N5X X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-BeenThere: dev-commits-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Jan 2021 22:26:26 -0000 On Sat, Jan 30, 2021 at 11:10:09PM +0700, Eugene Grosbein wrote: > 30.01.2021 22:11, Jilles Tjoelker wrote: > [skip] > > +static bool > > +isbinary(const char *data, size_t len) > > +{ > > + const char *nul, *p; > > + bool hasletter; > > + > > + nul = memchr(data, '\0', len); > > + if (nul == NULL) > > + return false; > > + /* > > + * POSIX says we shall allow execution if the initial part intended > > + * to be parsed by the shell consists of characters and does not > > + * contain the NUL character. This allows concatenating a shell > > + * script (ending with exec or exit) and a binary payload. > > + * > > + * In order to reject common binary files such as PNG images, check > > + * that there is a lowercase letter or expansion before the last > > + * newline before the NUL character, in addition to the check for > > + * the newline character suggested by POSIX. > > + */ > > + hasletter = false; > > + for (p = data; *p != '\0'; p++) { > > + if ((*p >= 'a' && *p <= 'z') || *p == '$' || *p == '`') > > + hasletter = true; > > + if (hasletter && *p == '\n') > > + return false; > > + } > > + return true; > > +} > Before last newline or before first newline? Before the last newline, according to both comment and code. It is acceptable to have an empty line, a line containing only '{', etc. before the line containing the lowercase letter or expansion. I could add another test case for this, if that would clarify things (just like I did for the "actually portable executable" hacks). -- Jilles Tjoelker