Snippets Groups Projects

a sample of [cdwdoc-2023-001], maybe robust to ALTL overflow

this sample is for modern Linux (kernel 2.6.23 or later, and /usr/bin/realpath is part of GNU coreutils or is a symlink to modern busybox with glibc)

Edited 1 year ago

cdwdoc-2023-001_sample_dir2.sh 317 B

#!/bin/sh
# written by cleemy desu wayo / see [cdwdoc-2023-001] / Licensed under CC0 1.0

# maybe robust to ALTL overflow
if /bin/echo "x$1$2$3" | grep -v '[^a-z0-9/]' > /dev/null ; then :; else
  echo "error: invalid dir" >&2
  exit 1
fi

user_name="$1"
dir="$2"
option="$3"

realpath "/home/$user_name/$dir"
exit 0

cleemy desu wayo @cleemy-desu-wayo · 2 years ago

cdwdoc-2023-001_sample_dir.sh (vulnerable version) is here: https://gitlab.com/-/snippets/2487375

`cdwdoc-2023-001_sample_dir.sh` (vulnerable version) is here: https://gitlab.com/-/snippets/2487375

Please register or to comment