From: Denys Vlasenko Date: Tue, 30 Jan 2018 03:29:03 +0000 (+0100) Subject: hush: protect against self-modifying trap code X-Git-Tag: 1_29_0~325 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=749575d3c52c32f57f46f2cbb2942a2204d333ee;p=oweals%2Fbusybox.git hush: protect against self-modifying trap code function old new delta check_and_run_traps 211 236 +25 Signed-off-by: Denys Vlasenko --- diff --git a/shell/hush.c b/shell/hush.c index ddf377355..585c51bd5 100644 --- a/shell/hush.c +++ b/shell/hush.c @@ -2004,10 +2004,12 @@ static int check_and_run_traps(void) smalluint save_rcode; char *argv[3]; /* argv[0] is unused */ - argv[1] = G_traps[sig]; + argv[1] = xstrdup(G_traps[sig]); + /* why strdup? trap can modify itself: trap 'trap "echo oops" INT' INT */ argv[2] = NULL; save_rcode = G.last_exitcode; builtin_eval(argv); + free(argv[1]); //FIXME: shouldn't it be set to 128 + sig instead? G.last_exitcode = save_rcode; last_sig = sig;