Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-8]: src/bin/ed Pull up following revision(s) (requested by christ...



details:   https://anonhg.NetBSD.org/src/rev/30349aaa84d2
branches:  netbsd-8
changeset: 435075:30349aaa84d2
user:      martin <martin%NetBSD.org@localhost>
date:      Fri Jun 22 10:08:22 2018 +0000

description:
Pull up following revision(s) (requested by christos in ticket #887):

        bin/ed/main.c: revision 1.30

Prevent shell execution also in the 'r ! dobad' case, pointed out by
Martijn van Duren, thanks!

XXX: pullup-8

diffstat:

 bin/ed/main.c |  13 +++++--------
 1 files changed, 5 insertions(+), 8 deletions(-)

diffs (44 lines):

diff -r ce13129eef6c -r 30349aaa84d2 bin/ed/main.c
--- a/bin/ed/main.c     Wed Jun 20 12:41:45 2018 +0000
+++ b/bin/ed/main.c     Fri Jun 22 10:08:22 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: main.c,v 1.28.8.1 2018/04/08 06:04:08 snj Exp $        */
+/*     $NetBSD: main.c,v 1.28.8.2 2018/06/22 10:08:22 martin Exp $     */
 
 /* main.c: This file contains the main control and user-interface routines
    for the ed line editor. */
@@ -39,7 +39,7 @@
 #if 0
 static char *rcsid = "@(#)main.c,v 1.1 1994/02/01 00:34:42 alm Exp";
 #else
-__RCSID("$NetBSD: main.c,v 1.28.8.1 2018/04/08 06:04:08 snj Exp $");
+__RCSID("$NetBSD: main.c,v 1.28.8.2 2018/06/22 10:08:22 martin Exp $");
 #endif
 #endif /* not lint */
 
@@ -865,14 +865,11 @@
                printf("%ld\n", addr_cnt ? second_addr : addr_last);
                break;
        case '!':
-               if (secure) {
-                       seterrmsg("'!' not allowed");
-                       return ERR;
-               }
                if (addr_cnt > 0) {
                        seterrmsg("unexpected address");
                        return ERR;
-               } else if ((sflags = get_shell_command()) < 0)
+               }
+               if ((sflags = get_shell_command()) < 0)
                        return ERR;
                GET_COMMAND_SUFFIX();
                if (sflags) printf("%s\n", shcmd + 1);
@@ -994,7 +991,7 @@
        int i = 0;
        int j = 0;
 
-       if (red) {
+       if (red || secure) {
                seterrmsg("shell access restricted");
                return ERR;
        } else if ((s = ibufp = get_extended_line(&j, 1)) == NULL)



Home | Main Index | Thread Index | Old Index