bug-bash
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Code Execution in Mathematical Context

From: Chet Ramey
Subject: Re: Code Execution in Mathematical Context
Date: Tue, 4 Jun 2019 10:29:40 -0400
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 
On 6/4/19 7:42 AM, Nils Emmerich wrote:

> Bash Version: 5.0
> Patch Level: 0
> Release Status: release
> 
> Description:
>         It is possible to get code execution via a user supplied variable
> in the mathematical context.
>         I don't know if this is considered a bug or not, but if not, I
> think people should be made aware that the mathematical context is unsafe.

The tokens in a mathematical expression undergo a set of word expansions.
If you could post the example you're using we can analyze its behavior.

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    chet@case.edu    http://tiswww.cwru.edu/~chet/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]