Description: Fix CVE-2022-37704, second vector (RSH)
Author: seetharaman-rajagopal https://github.com/seetharaman-rajagopal
Index: amanda.git/client-src/rundump.c
===================================================================
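--- a/client-src/rundump.c
+++ b/client-src/rundump.c
@@ -197,6 +197,24 @@ main(
 amfree(cmdline);
 
 env = safe_env();
+ //Filter or Discard RSH Environmental variable
+ int env_count = 0;
+ for (int i = 0; env[i] != NULL; i++){
+ env_count++;
+ }
+ for (int i = 0; i < env_count; i++){
+ if (strncmp(env[i], "RSH=", 4) == 0){
+ // Remove RSH
+ g_free(env[i]);
+ // move array elements one step left - which are after "RSH"
+ for (int j = i; j < env_count; j++){
+ env[j] = env[j + 1];
+ }
+ //decrease the variable count
+ env[env_count-1] = NULL;
+ break;
+ }
+ }
 execve(dump_program, argv, env);
 free_env(env);
 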
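Review bot: The `break` inside the `strncmp(env[i], "RSH=", 4)` branch ends the scan after the first match, so a second `RSH=` entry would still be handed to `execve` if `safe_env()` can return duplicates; its body is not visible here, so that needs confirming. A single pass that compacts the array in place removes every match and also makes the separate counting loop and the redundant `env[env_count-1] = NULL` unnecessary. The filter is a denylist of one name, so it is worth recording in the comment which other variables the dump program honours and why they are considered safe. The enclosing `main` starts and ends outside this hunk, and the declarations in the middle of the block assume the file is built as C99 or later.

```c
    env = safe_env();
    /* Drop every RSH= entry, not only the first, compacting the array in place. */
    int kept = 0;
    for (int i = 0; env[i] != NULL; i++) {
        if (strncmp(env[i], "RSH=", 4) == 0) {
            g_free(env[i]);
            continue;
        }
        env[kept++] = env[i];
    }
    env[kept] = NULL;
    /* … unchanged: execve(dump_program, argv, env) and free_env(env) … */
```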