This is the mail archive of the
gdb-prs@sourceware.org
mailing list for the GDB project.
[Bug corefiles/22888] New: gcore shell script fails on some filenames (PATCH)
- From: "sourceware at gms dot tf" <sourceware-bugzilla at sourceware dot org>
- To: gdb-prs at sourceware dot org
- Date: Sat, 24 Feb 2018 17:20:30 +0000
- Subject: [Bug corefiles/22888] New: gcore shell script fails on some filenames (PATCH)
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=22888
Bug ID: 22888
Summary: gcore shell script fails on some filenames (PATCH)
Product: gdb
Version: HEAD
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: corefiles
Assignee: unassigned at sourceware dot org
Reporter: sourceware at gms dot tf
Target Milestone: ---
Created attachment 10849
--> https://sourceware.org/bugzilla/attachment.cgi?id=10849&action=edit
fix quoting issues and possible injections in filename etc.
The gcore shell script (gdb/gcore.in) doesn't quote its variables enough.
For example, trying to write a core file with - say - a space ungraciously
fails like this:
$ gcore -o 'foo bar' 6270
/usr/bin/gcore: line 92: [: foo: binary operator expected
gcore: failed to create foo bar.6270
Similarly, one can inject meta characters like * (by accident) that may yield
unexpected results, e.g. as in:
$ gcore -o foobar '*'
The attached patch fixes these issues in several places, e.g.:
- if [ -r $name.$pid ] ; then
+ if [ -r "$name.$pid" ] ; then
Also, since the script uses array syntax, the patch changes the first line:
-#!/bin/sh
+#!/bin/bash
POSIX doesn't specify the array syntax for shell, thus, the script doesn't work
on systems where /bin/sh is linked to - say - dash.
Since the source gcore.in already is processed by a pre-processor one could
even auto-detect the path to bash and thus dynamically generate the first line.
For systems where bash isn't available via /bin/bash. But I think this would be
overkill and /bin/bash is good enough as most systems probably have it.
--
You are receiving this mail because:
You are on the CC list for the bug.