[commits] [batmand] master: It is not necessary to call an external binary to clear the screen of a default unix terminal emulator. The external call using system("clear") may be used by an attacker to get untrusted code called with an higher privilege because batmand has to be run using uid 0. (58480ca)

postmaster at open-mesh.org postmaster at open-mesh.org
Sun Sep 15 17:49:39 CEST 2013


Repository : ssh://git@open-mesh.org/batmand

On branch  : master

>---------------------------------------------------------------

commit 58480ca5e0086449d41425bcd2e48ee948c5b8db
Author: Sven Eckelmann <sven at narfation.org>
Date:   Sun Sep 15 17:43:48 2013 +0200

    It is not necessary to call an external binary to clear the screen of a default
    unix terminal emulator. The external call using system("clear") may be used by
    an attacker to get untrusted code called with an higher privilege because
    batmand has to be run using uid 0.
    
    Signed-off-by: Sven Eckelmann <sven at narfation.org>


>---------------------------------------------------------------

58480ca5e0086449d41425bcd2e48ee948c5b8db
 posix/init.c        |    3 ++-
 posix/posix.c       |    3 ++-
 posix/unix_socket.c |    3 ++-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/posix/init.c b/posix/init.c
index 9cefe73..308e476 100644
--- a/posix/init.c
+++ b/posix/init.c
@@ -719,7 +719,8 @@ more_hna:
 				} else if ( strncmp( buff_ptr, "BOD", 3 ) == 0 ) {
 
 					if ( !batch_mode )
-						system( "clear" );
+						/* clear screen, set cursor back to 0,0 */
+						printf("\033[2J\033[0;0f");
 
 				} else {
 
diff --git a/posix/posix.c b/posix/posix.c
index 81cd2e1..5cdf417 100644
--- a/posix/posix.c
+++ b/posix/posix.c
@@ -181,7 +181,8 @@ static void bat_wait( int32_t T, int32_t t ) {
 
 void print_animation( void ) {
 
-	system( "clear" );
+	/* clear screen, set cursor back to 0,0 */
+	printf("\033[2J\033[0;0f");
 	BAT_LOGO_END( 0, 50 );
 
 	sym_print( 0, 3, "." );
diff --git a/posix/unix_socket.c b/posix/unix_socket.c
index fc9983b..11c96b2 100644
--- a/posix/unix_socket.c
+++ b/posix/unix_socket.c
@@ -100,7 +100,8 @@ void debug_output(int8_t debug_prio, const char *format, ...) {
 			dprintf(debug_level_info->fd, "[%10u] ", get_time_msec());
 
 		if (((debug_level == 1) || (debug_level == 2)) && (debug_level_info->fd == 1) && (strncmp(format, "BOD", 3) == 0))
-			system("clear");
+			/* clear screen, set cursor back to 0,0 */
+			printf("\033[2J\033[0;0f");
 
 		if (((debug_level != 1) && (debug_level != 2)) || (debug_level_info->fd != 1) || (strncmp(format, "EOD", 3) != 0))
 			vdprintf(debug_level_info->fd, format, args);



More information about the commits mailing list