authorAnthony Sottile <asottile@umich.edu>2018-09-03 14:39:25 +0000
committerDaniel Shahaf <d.s@daniel.shahaf.name>2018-09-03 15:07:47 +0000
commit1c4c7b6a4d17294df028322b70c53803a402233d (patch)
tree9017103102c523609b4f3210788a4406a173a19f /Test
parentbaef71ccfc9df3221916a4356dafe5d792a509c6 (diff)
CVE-2018-0502, CVE-2018-13259: Fix two security issues in shebang line parsing.
See NEWS for more information.

Patch by Anthony Sottile and Buck Evan.
Diffstat (limited to 'Test')
-rw-r--r--Test/A05execution.ztst22
1 files changed, 22 insertions, 0 deletions
diff --git a/Test/A05execution.ztst b/Test/A05execution.ztst
index 0804691a7..fb39d0589 100644
--- a/Test/A05execution.ztst
+++ b/Test/A05execution.ztst
@@ -12,7 +12,14 @@
 
   print '#!/bin/sh\necho This is dir2' >dir2/tstcmd
 
+  print -n '#!sh\necho This is slashless' >tstcmd-slashless
+  print -n '#!echo foo\necho This is arg' >tstcmd-arg
+  print '#!xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxnyyy' >tstcmd-interp-too-long
+  print '#!/bin/sh\necho should not execute; exit 1' >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxn
+
   chmod 755 tstcmd dir1/tstcmd dir2/tstcmd
+  chmod 755 tstcmd-slashless tstcmd-arg tstcmd-interp-too-long
+  chmod 755 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxn
 
 %test
   ./tstcmd
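Review bot: The two long-name fixtures added here have no comment tying them together. A reader has to compare the x-runs by eye to see that the decoy file's name is the interpreter name from `tstcmd-interp-too-long` with the trailing `yyy` cut off. I would put a comment above them such as `# tstcmd-interp-too-long names an interpreter longer than the shebang buffer; the file named by its truncated prefix is a decoy that must never run`, to be confirmed against the limit in the C source, which this diff does not show. The same literal appears three times (shebang, redirect target, `chmod`) and the test only means something if all three stay byte-identical, so the comment should say that too. The %prep section starts outside this hunk.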
@@ -33,6 +40,21 @@
 0:path (2)
 >This is top
 
+  PATH=/bin:${ZTST_testdir}/command.tmp/ tstcmd-slashless
+0:path (3)
+>This is slashless
+
+  PATH=/bin:${ZTST_testdir}/command.tmp tstcmd-arg
+0:path (4)
+*>foo */command.tmp/tstcmd-arg
+
+  path=(/bin ${ZTST_testdir}/command.tmp/)
+  tstcmd-interp-too-long 2>&1; echo "status $?"
+  path=($storepath)
+0:path (5)
+*>*tstcmd-interp-too-long: bad interpreter: x*xn: no such file or directory
+>status 127
+
   functst() { print $# arguments:; print -l $*; }
   functst "Eines Morgens" "als Gregor Samsa"
   functst ""
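Review bot: The expected line in path (5), `bad interpreter: x*xn: no such file or directory`, matches a name ending in `xn`, while the shebang written in %prep ends in `nyyy`. The test therefore expects the shortened name in the message, and nothing here says that this is intended. A comment such as `# the message reports the interpreter name as cut at the buffer limit; the decoy of that name must not be run (status 127, not 1)` would keep a later maintainer from "fixing" the pattern. Separately, path (3) and path (5) use `command.tmp/` with a trailing slash and path (4) uses `command.tmp` without one; if that difference is deliberate coverage of the path-joining code, say so in a comment, otherwise make them uniform. `$storepath` in path (5) is defined outside this hunk.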