|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
Safely parsing parameters
Post 302406601 by Corona688 on Tuesday 23rd of March 2010 11:18:01 AM
03-23-2010
Sorry, I didn't notice this reply.
They are strings being fed into the kernel commandline itself, and being processed by my initramfs system by a full-fledged BASH shell. It occurred to me that splitting at the shell level like this was both very powerful and perilous, so I wondered if there was a general solution to this whole class of problems.
The perl solution looks very nice. It wouldn't be hard to feed it backticks instead of processing them first the way I get the data from the kernel. Unfortunately perl is a bit weighty to cram into an initramfs bootstrap loader.
But on second thought -- doesn't perl have backticks too?
I don't think my original post was "unbelievably vague". The problem is the same no matter what the ultimate purpose -- splitting arguments intelligently in a shell without permitting any expansions or substitutions. Whether or not the code is executing with elevated permissions, this isn't the sort of thing you want to allow just incidentally.
To process and evaluate the commands I must first divide them so I know what it would actually be doing, otherwise I'm just doing ad-hoc "injection rejection". I could write my own char-by-char shell parser inside the shell I suppose but this seems overkill. I could also make an escape-everything regex to make the string safe before eval-ing it but it's hard to prove there's absolutely no holes or omissions in a system like that. Or I could just strip out all dollar signs and backticks, but what if someday I need to pass a literal backtick for some reason?
I was hoping there was some obvious and more elegant way I was missing I suppose. Oh well, thanks for your responses.
They are strings being fed into the kernel commandline itself, and being processed by my initramfs system by a full-fledged BASH shell. It occurred to me that splitting at the shell level like this was both very powerful and perilous, so I wondered if there was a general solution to this whole class of problems.
The perl solution looks very nice. It wouldn't be hard to feed it backticks instead of processing them first the way I get the data from the kernel. Unfortunately perl is a bit weighty to cram into an initramfs bootstrap loader.
But on second thought -- doesn't perl have backticks too?I don't think my original post was "unbelievably vague". The problem is the same no matter what the ultimate purpose -- splitting arguments intelligently in a shell without permitting any expansions or substitutions. Whether or not the code is executing with elevated permissions, this isn't the sort of thing you want to allow just incidentally.
To process and evaluate the commands I must first divide them so I know what it would actually be doing, otherwise I'm just doing ad-hoc "injection rejection". I could write my own char-by-char shell parser inside the shell I suppose but this seems overkill. I could also make an escape-everything regex to make the string safe before eval-ing it but it's hard to prove there's absolutely no holes or omissions in a system like that. Or I could just strip out all dollar signs and backticks, but what if someday I need to pass a literal backtick for some reason?
I was hoping there was some obvious and more elegant way I was missing I suppose. Oh well, thanks for your responses.
Last edited by Corona688; 03-23-2010 at 12:37 PM..
|
|
9 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
How do you pass parameters over to another script and run the receiving script? .
Here is an example of what I am talking about.
for x in `cat Allx`
do
su myaccount -c "/temp/scripts/temp_script $x" > /dev/null 2>$1 $
done
I was expecting the tem_script to be... (1 Reply)
Discussion started by: odogbolu98
1 Replies
2. Shell Programming and Scripting
Hi:- I need to parse a script 3 parameters (file, subject and email address). This is what I currently have:
allargs=$*
argcount=`echo $allargs | awk -F: '{ print NF }' ` # Total Number of arguments
pdffile=`echo $allargs | awk -F: '{ print $1 }' ` # PDF/binary file to be encoded... (4 Replies)
Discussion started by: janet
4 Replies
3. UNIX for Advanced & Expert Users
Sceduled backups with vdump have been delayed as a mounted system had crashed while I was away for 2 weeks. Now there are 5 simultaneous vdumps running very slowly. The full system backup usually takes a whole weekend.
Can I safely kill these? (I will have to live without a backup untill next... (4 Replies)
Discussion started by: nickt
4 Replies
4. Shell Programming and Scripting
I have a job script that runs with input parms from the command line.
job.sh -p parm1_parm2_parm3_parm4_file_1.dat
The parms are separated by _
The last parm is a file name and can have an _ in the name.
I currently use the following commands to extract the parms
parm1=`eval echo... (3 Replies)
Discussion started by: jclanc8
3 Replies
5. Shell Programming and Scripting
Hi all,
Am writing a script that does a rm/mv if a file exist, however, in one scenario, one of the variables which is supposed to a variable for a directory is undefined/blank so instead of the variable resolving to /tmp/logfile.dmp, it resolves instead to / so the rm translates to a rm /... (2 Replies)
Discussion started by: newbie_01
2 Replies
6. Programming
I get a strange problem here, and ask for help.
(gdb)
28 set_file_bit( file, bytePos, bitPos, argv );
(gdb) p argv
$3 = 0xbfffef5c "00"
(gdb) s
set_file_bit (file=0x804b008, bytePos=2, bitPos=2, binary=0x80490e5 "11") at util/file.c:112
... (2 Replies)
Discussion started by: 915086731
2 Replies
7. Solaris
Greetings,
I need some help performing a system admin function that I have been tasked with. The request seems simple enough, but my feeling is that it might be more complicated than it seems.
Here is what i've been tasked with:
SunOS 5.10 Generic_142900-15 sun4u sparc SUNW,SPARC-Enterprise... (3 Replies)
Discussion started by: Harleyrci
3 Replies
8. Solaris
I am using:
reboot -- cdrom
However I'm afraid of causing file system errors/corruption. I've seen many threads say that
init 6
is safer, but I need to get to CDROM.
Is there a command that is as safe as init, but can boot to cdrom, or should I not worry so much about the reboot... (5 Replies)
Discussion started by: lcoreyl
5 Replies
9. Red Hat
I wanted to know whether all files under /tmp can be safely removed. I guess that /tmp may also have temporary files for applications currently being worked on, so at the most those applications may just shut down.
I hope that my question is clear whether all files under /tmp can be safely... (5 Replies)
Discussion started by: RHCE
5 Replies
LEARN ABOUT SUNOS
eval
exec(1) User Commands exec(1) NAME
exec, eval, source - shell built-in functions to execute other commands SYNOPSIS
sh exec [argument...] eval [argument...] csh exec command eval argument... source [-h] name ksh *exec [arg...] *eval [arg...] DESCRIPTION
sh The exec command specified by the arguments is executed in place of this shell without creating a new process. Input/output arguments may appear and, if no other arguments are given, cause the shell input/output to be modified. The arguments to the eval built-in are read as input to the shell and the resulting command(s) executed. csh exec executes command in place of the current shell, which terminates. eval reads its arguments as input to the shell and executes the resulting command(s). This is usually used to execute commands generated as the result of command or variable substitution. source reads commands from name. source commands may be nested, but if they are nested too deeply the shell may run out of file descrip- tors. An error in a sourced file at any level terminates all nested source commands. -h Place commands from the file name on the history list without executing them. ksh With the exec built-in, if arg is given, the command specified by the arguments is executed in place of this shell without creating a new process. Input/output arguments may appear and affect the current process. If no arguments are given the effect of this command is to mod- ify file descriptors as prescribed by the input/output redirection list. In this case, any file descriptor numbers greater than 2 that are opened with this mechanism are closed when invoking another program. The arguments to eval are read as input to the shell and the resulting command(s) executed. On this man page, ksh(1) commands that are preceded by one or two * (asterisks) are treated specially in the following ways: 1. Variable assignment lists preceding the command remain in effect when the command completes. 2. I/O redirections are processed after variable assignments. 3. Errors cause a script that contains them to abort. 4. Words, following a command preceded by ** that are in the format of a variable assignment, are expanded with the same rules as a vari- able assignment. This means that tilde substitution is performed after the = sign and word splitting and file name generation are not performed. EXIT STATUS
For ksh: If command is not found, the exit status is 127. If command is found, but is not an executable utility, the exit status is 126. If a redi- rection error occurs, the shell exits with a value in the range 1-125. Otherwise, exec returns a zero exit status. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWcsu | +-----------------------------+-----------------------------+ SEE ALSO
csh(1), ksh(1), sh(1), attributes(5) SunOS 5.10 17 Jul 2002 exec(1)