Reputation: 183
Red Hat had a workaround for the Shellshock vulnerability that involves a preload library. The URL for the workaround source code is available at bash_ld_preload.c.
But the workaround steps seem to have gone missing now. Was this a bad solution or no solution?
The code:
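    #include <sys/types.h>
    #include <stdlib.h>
    #include <string.h>

    /* Constructor: runs before main() in every process that loads this library. */
    static void __attribute__ ((constructor)) strip_env(void);
    extern char **environ;

    static void strip_env()
    {
        char *p,*c;
        int i = 0;
        for (p = environ[i]; p!=NULL;i++ ) {
            /* Look for the marker of an exported bash function in this entry. */
            c = strstr(p,"=() {");
            if (c != NULL) {
                /* Cut the entry off right after "=(" so no function body remains. */
                *(c+2) = '\0';
            }
            p = environ[i];
        }
    }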
Upvotes: 2
Views: 348
Reputation: 295698
The code given completely removes all exported functions from the environment (or, rather, makes their contents an empty string).
This does have the side effect you want, of making vulnerabilities related to parsing and handling of exported functions moot.
Upvotes: 2
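The effect described in the answer, as an added example that is not part of the original posts or of Red Hat's code: the same truncation applied to a constructed environment array instead of `environ`, so the result can be inspected. `strip_env_array`, `run_sample` and the sample entries are hypothetical names and values made up for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Same truncation as the preload constructor, applied to a caller-supplied
 * array (hypothetical helper). Returns the number of entries changed. */
static int strip_env_array(char **envp)
{
    int changed = 0;
    for (int i = 0; envp != NULL && envp[i] != NULL; i++) {
        char *c = strstr(envp[i], "=() {");
        if (c != NULL) {
            *(c + 2) = '\0';   /* overwrite ')': the entry becomes NAME=( */
            changed++;
        }
    }
    return changed;
}

/* Constructed sample environment (writable buffers, not string literals). */
static char e_path[]  = "PATH=/usr/bin:/bin";          /* ordinary variable */
static char e_func[]  = "greet=() {  echo hi\n}";      /* legitimate exported function */
static char e_trail[] = "HTTP_X=() { :; }; TRAILING";  /* definition with trailing text */
static char e_mid[]   = "NOTE=text a=() { b";          /* marker in the middle of a value */
static char *sample_env[] = { e_path, e_func, e_trail, e_mid, NULL };

/* Runs the strip once over the sample; returns how many entries changed. */
static int run_sample(void)
{
    return strip_env_array(sample_env);
}

int main(void)
{
    int n = run_sample();
    for (int i = 0; sample_env[i] != NULL; i++)
        printf("%s\n", sample_env[i]);
    printf("%d entries truncated\n", n);
    return 0;
}
```

The sample shows two side effects: the legitimate exported function `greet` is lost along with the suspicious entry, and because `strstr` is not anchored to the start of the value, an ordinary variable that merely contains `=() {` is cut short as well.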