Safely parsing parameters


 
# 1  
Old 03-11-2010
Safely parsing parameters

I have a string like
Code:
root=/dev/sda3 noacpi foo "Baz mumble"

which I would like to separate into tokens like a shell does. This would be easily done with eval but that would open a security hole big enough to drop a cow through, injecting arbitrary code would be easy as pie. How can I parse this into tokens without using the eval command and potentially running embedded commands?
# 2  
Old 03-11-2010
Code:
set -- root=/dev/sda3 noacpi foo "Baz mumble"
echo $*
echo $#
for token in $*
do
    echo $token
done

# 3  
Old 03-11-2010

There's nothing wrong with using eval:
Code:
string='root=/dev/sda3 noacpi foo "Baz mumble"'
eval "set -- $string"  ## the tokens are now in the positional parameters

printf "%s\n" "$@" ## display each parameter on a new line

# 4  
Old 03-11-2010
There's plenty wrong with using eval.

Code:
$ string='root=/dev/sda3 noacpi foo "Baz mumble" `echo muahahahaha >&2`'
$ eval "set -- $string"
muahahahaha
$

Now imagine if someone fed it `find /dev -type b -exec dd if=/dev/urandom of={}`.

I don't want my strings to be able to execute arbitrary code like this.

kshji, your way always splits on spaces, so it doesn't work either.

Last edited by Corona688; 03-11-2010 at 04:59 PM..
# 5  
Old 03-11-2010
Quote:
Originally Posted by Corona688
There's plenty wrong with using eval.

Code:
$ string='root=/dev/sda3 noacpi foo "Baz mumble" `echo muahahahaha >&2`'
$ eval "set -- $string"
muahahahaha
$

Now imagine if someone fed it `find /dev -type b -exec dd if=/dev/urandom of={}`.

I don't want my strings to be able to execute arbitrary code like this.

If you put that into the string variable and execute the line I posted, nothing will happen other than the tokens being placed into the positional parameters. The code in $string will not be executed.

Code:
$ string='find /dev -type b -exec dd if=/dev/urandom of={}'
$ eval "set -- $string"
$ printf "%s\n" "$@"
find
/dev
-type
b
-exec
dd
if=/dev/urandom
of={}

There are no ill effects.
# 6  
Old 03-11-2010
You're missing the point in assuming I'm in complete control of the input here. The input string is arbitrary.
# 7  
Old 03-11-2010
Quote:
Originally Posted by Corona688
You're missing the point. Your code's already doing incorrect things. It can execute arbitrary code via backtick injection. I can't use it.

Where do you see backticks? I didn't post any. The code I posted is perfectly safe.
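What post #1 actually asks for is a tokenizer that splits a string the way a shell would (whitespace, "double quotes", 'single quotes', backslash escapes) without ever handing the string to the shell's evaluator. The script below is an added example, not posted by anyone in the thread; it is plain POSIX sh (no arrays, no eval) and it is run here against post #4's injection string and against a second constructed sample containing $(id) and $HOME. Because nothing is evaluated, those stay literal text, and the tokens are loaded into the positional parameters through a read loop instead of `eval "set -- $string"`. Function names (tokenize, ntokens, nth_token, args_from_string) are my own.

```shell
#!/bin/sh
# Added example (not from the thread): shell-style word splitting WITHOUT eval.
# Handles "double quotes" (backslash escapes the next char), 'single quotes'
# (everything literal) and unquoted backslashes.  `cmd`, $(cmd) and $var are
# never evaluated, so they come out as ordinary text.
# Tokens are printed one per line; the input is assumed to contain no newlines.

TAB=$(printf '\t')
SQ="'"

tokenize() {
    s=$1        # unconsumed input
    tok=''      # token under construction
    in_tok=0    # becomes 1 once a token has started, so "" yields an empty token
    while [ -n "$s" ]; do
        c=${s%"${s#?}"}   # first character of $s
        s=${s#?}          # drop it
        case $c in
            ' '|"$TAB")
                if [ "$in_tok" -eq 1 ]; then
                    printf '%s\n' "$tok"; tok=''; in_tok=0
                fi ;;
            "$SQ")        # single quotes: everything up to the closing ' is literal
                in_tok=1
                case $s in
                    *"$SQ"*) tok="$tok${s%%"$SQ"*}"; s=${s#*"$SQ"} ;;
                    *) echo 'tokenize: unterminated single quote' >&2; return 1 ;;
                esac ;;
            '"')          # double quotes: a backslash quotes the next character
                in_tok=1
                while :; do
                    [ -n "$s" ] || { echo 'tokenize: unterminated double quote' >&2; return 1; }
                    c=${s%"${s#?}"}; s=${s#?}
                    case $c in
                        '"') break ;;
                        '\') if [ -n "$s" ]; then c=${s%"${s#?}"}; s=${s#?}; fi
                             tok="$tok$c" ;;
                        *)   tok="$tok$c" ;;
                    esac
                done ;;
            '\')          # unquoted backslash: the next character is literal
                in_tok=1
                if [ -n "$s" ]; then c=${s%"${s#?}"}; s=${s#?}; tok="$tok$c"; fi ;;
            *)  in_tok=1; tok="$tok$c" ;;
        esac
    done
    [ "$in_tok" -eq 1 ] && printf '%s\n' "$tok"
    return 0
}

ntokens()   { tokenize "$1" | awk 'END { print NR }'; }   # number of tokens
nth_token() { tokenize "$1" | sed -n "${2}p"; }           # the n-th token (1-based)

# What post #1 wanted: the tokens as positional parameters, with no eval involved.
# A temp file (rather than a pipe or $(...)) keeps the read loop in the current
# shell and preserves trailing empty tokens such as a final "".
args_from_string() {
    input=$1
    tmp=$(mktemp) || return 1
    tokenize "$input" > "$tmp" || { rm -f "$tmp"; return 1; }
    set --
    while IFS= read -r t; do set -- "$@" "$t"; done < "$tmp"
    rm -f "$tmp"
    printf 'argc=%s\n' "$#"
    for a in "$@"; do printf '  [%s]\n' "$a"; done
}

# Constructed sample: the injection string from post #4.  Nothing runs.
INJECT='root=/dev/sda3 noacpi foo "Baz mumble" `echo muahahahaha >&2`'
args_from_string "$INJECT"
```

Run it and the backtick fragments appear as three harmless tokens (`` `echo ``, `muahahahaha`, ``>&2` ``) next to `Baz mumble`, which survives as one word; the only way to turn that text back into a command would be to eval it, which this code never does. Unterminated quotes are reported on stderr with a non-zero return, the same condition under which a real shell would refuse the line.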
