Allow '&' as the last character in a fossil_system() string.
Commit
84346a317b77041d650515ca37cedfef60290bb6b10c026da1e8e17dc63a6e68
Parent
2209f553233fca8…
1 file changed
+4
-2
+4
-2
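--- a/src/util.c
+++ b/src/util.c
@@ -161,11 +161,13 @@
 /*
 ** Check the input string to ensure that it is safe to pass into system().
 ** A string is unsafe for system() if it contains any of the following:
 **
 **    *  Any occurrance of '$' or '`' except after \
-**    *  Any of the following characters, unquoted:  ;|& or \n
+**    *  Any of the following characters, unquoted:  ;|& or \n except
+**       these characters are allowed as the very last character in the
+**       string.
 **    *  Unbalanced single or double quotes
 **
 ** This routine is intended as a second line of defense against attack.
 ** It should never fail.  Dangerous shell strings should be detected and
 ** fixed before calling fossil_system().  This routine serves only as a
@@ -186,11 +188,11 @@
       }
       case ';':
       case '|':
       case '&':
       case '\n': {
-        if( inQuote==0 ) unsafe = i+1;
+        if( inQuote==0 && z[i+1]!=0 ) unsafe = i+1;
         break;
       }
       case '"':
       case '\'': {
         if( inQuote==0 ){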
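Review bot: The new `z[i+1]!=0` test on the `case '\n'` arm of the second hunk relaxes a check that the header comment calls a "second line of defense against attack", but nothing at the site says why a trailing metacharacter is acceptable; add a comment above the `if` such as `/* a trailing ;|&\n has nothing after it for the shell to run, so it is harmless */` so the exception is not widened later by someone who reads it as an oversight. The test itself looks sound from what the hunk shows: assuming the enclosing loop stops at the terminator, `z[i]` is non-NUL here so `z[i+1]` is at worst the terminating byte, and `cmd &&` is still rejected because the first `&` is followed by a non-NUL character. A metacharacter followed only by trailing whitespace (e.g. `cmd & `) is still flagged unsafe, which is the conservative outcome; if such strings are expected, the check would need to skip trailing whitespace rather than inspect one byte, and the header comment at lines 166–168 of the first hunk would need to say so. The enclosing function's signature and the loop that drives `i` lie outside the hunk.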
| --- src/util.c | |
| +++ src/util.c | |
| @@ -161,11 +161,13 @@ | |
| 161 | /* |
| 162 | ** Check the input string to ensure that it is safe to pass into system(). |
| 163 | ** A string is unsafe for system() if it contains any of the following: |
| 164 | ** |
| 165 | ** * Any occurrance of '$' or '`' except after \ |
| 166 | ** * Any of the following characters, unquoted: ;|& or \n |
| 167 | ** * Unbalanced single or double quotes |
| 168 | ** |
| 169 | ** This routine is intended as a second line of defense against attack. |
| 170 | ** It should never fail. Dangerous shell strings should be detected and |
| 171 | ** fixed before calling fossil_system(). This routine serves only as a |
| @@ -186,11 +188,11 @@ | |
| 186 | } |
| 187 | case ';': |
| 188 | case '|': |
| 189 | case '&': |
| 190 | case '\n': { |
| 191 | if( inQuote==0 ) unsafe = i+1; |
| 192 | break; |
| 193 | } |
| 194 | case '"': |
| 195 | case '\'': { |
| 196 | if( inQuote==0 ){ |
| 197 |
| --- src/util.c | |
| +++ src/util.c | |
| @@ -161,11 +161,13 @@ | |
| 161 | /* |
| 162 | ** Check the input string to ensure that it is safe to pass into system(). |
| 163 | ** A string is unsafe for system() if it contains any of the following: |
| 164 | ** |
| 165 | ** * Any occurrance of '$' or '`' except after \ |
| 166 | ** * Any of the following characters, unquoted: ;|& or \n except |
| 167 | ** these characters are allowed as the very last character in the |
| 168 | ** string. |
| 169 | ** * Unbalanced single or double quotes |
| 170 | ** |
| 171 | ** This routine is intended as a second line of defense against attack. |
| 172 | ** It should never fail. Dangerous shell strings should be detected and |
| 173 | ** fixed before calling fossil_system(). This routine serves only as a |
| @@ -186,11 +188,11 @@ | |
| 188 | } |
| 189 | case ';': |
| 190 | case '|': |
| 191 | case '&': |
| 192 | case '\n': { |
| 193 | if( inQuote==0 && z[i+1]!=0 ) unsafe = i+1; |
| 194 | break; |
| 195 | } |
| 196 | case '"': |
| 197 | case '\'': { |
| 198 | if( inQuote==0 ){ |
| 199 |