Re: [code] Any ideas ?

From: Jörgen (di4sig@cse.hks.se)
Date: 10/03/96


> > > > Just wondering about the code snippet presented below.
> > > > > sprintf(buf, "mail -s \"%s\" %s <MAILFILE.TXT &", subject, emailaddr);
> > > 
> > > if (strchr(emailaddr, ';') != NULL) {
> >              ^^^^^^^^^^^^^
> >              What happens if this would be a '&' instead? Bye bye files
> > 
> > Make some kind of generic function that will check the incoming string.
> > Allow NO Unix shell-characters ; : & > < and you will be fine.
> > 
> 
> then this should do it:
> 
>      if (strchr(";:&<>", emailaddr) != NULL) {
>  

Ick, forgot something... '|'

Think about this 'email' "rm -rf / | echo 'Sucker' ~/README | more" And you might consider to
exclude '*' from the list. And oh, I forgot backticks `  you know `ls` would execute everything
that ls spits out. :)
HEh.. So.. chang the if statement to if(strchr("`;:&<>|*", emailaddr) != NULL
+ you should probably to a check if the user has typed in a @-charecter.

AND one thing, do NOT use sendmail instead of mail at any time, cuz sendmail is one BIG BLACK HOLE
in the security.

In any event when calling a program using system and/or execXX ALWAYS take a minute to think over
the security risks. Otherwise someone will find out how to erase your mud and/or entire system.


// Zigg
+-----------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ: |
|   http://cspo.queensu.ca/~fletcher/Circle/list_faq.html   |
+-----------------------------------------------------------+



This archive was generated by hypermail 2b30 : 12/18/00 PST