Bug#924792: pidof: unsanitized user input makes pidof crash
Matteo Croce
mcroce at redhat.com
Tue Mar 19 14:36:41 GMT 2019
Hi all,
I have an idea: implement an option to specify the default separator as
in propcs-ng:
https://gitlab.com/procps-ng/procps/commit/73492b182dc60c1605d1b0d62de651fad97807af
$ pidof bash
17701 14019 5276 2967
$ pidof -S, bash
17701,14019,5276,2967
$ pidof -S'
' bash
17701
14019
5276
2967
This should be enough to avoid extra calls to grep/sed/awk and
impossible to exploit.
Regards,
--
Matteo Croce
per aspera ad upstream
More information about the Debian-init-diversity
mailing list