Bash’s white collar eval: [[ $var -eq 42 ]] runs arbitrary code too

Did you know this bash snippet is open to arbitrary code execution from user input? #!/bin/bash read -rp "Enter guess: " num if [[ $num -eq 42 ]] then echo "Correct" else echo "Wrong" fi Here’s an example: $ ./myscript Enter guess: 42 Correct $ ./myscript Enter guess: a[$(date >&2)]+42 Sun Feb 4 19:06:19 PST … Continue reading Bash’s white collar eval: [[ $var -eq 42 ]] runs arbitrary code too

Vidar's Blog
6 Comments