Comments (14)
The first one is a miss. It's fixed now.
I'm aware of and will live with the second one, don't see it changing anytime soon.
Thanks for the report! 👍
from nnn.
Maybe fix the way you use strncpy(3)
, the n
parameter should be the max length for dest
, not src
.
And maybe escape the file names in commands executed with system(3)
.
from nnn.
I believe that's not an issue anymore (wrt. strncpy(3) usage). strlen(newpath) can't exceed 4096 (PATH_MAX), and I have added a check to ensure the lengths of env vars don't exit 4096. Together, the length has to be less than MAX_CMD_LEN.
from nnn.
But I see the point now. It's safer and future proof. Will make the change. 👍
from nnn.
This is not escaping, wouldn't files contain '
break commands now?
from nnn.
@Duncaen I am not quite clear here though I understand there are some vulnerabilities. Probably raise a PR.
from nnn.
I believe you indicated this. To avoid all the string manipulation I decided to move from system(3) to exec* calls as much as possible.
from nnn.
There's also a few places where strcat could overflow the end of string.
There's a bunch of places where a malicious environment variable could overflow buffers (everywhere you see sprintf / strcat and xgetenv)
Then there's https://github.com/jarun/nnn/blob/master/nnn.c#L1585:
xstrlcpy(cmd + 1, player, MAX_CMD_LEN); // overflow by 1
The guiding rule broken in lots of places is: Don't trust your inputs. In nnn those are:
- filenames
- environment variables
- keyboard input
- command output (maybe?)
- possibly other things
from nnn.
xstrlcpy(cmd + 1, player, MAX_CMD_LEN); // overflow by 1
Please refer to the latest code. This is gone now.
from nnn.
Probably I'll get rid of the suspicious strcat()s as well.
from nnn.
I'm not a C programmer (my feedback on this was more out of curiosity than anything). Please forgive me if this is a stupid question ;). I wonder whether switching to C11 methods be helpful here e.g. strncpy_s / strncat_s.
There's a good article at http://www.informit.com/articles/article.aspx?p=2036582&seqNum=5 that highlights some of the potential issues with other mechanisms (like string truncation).
from nnn.
I wonder whether switching to C11 methods be helpful here e.g. strncpy_s / strncat_s.
Maybe, but there's always scope for doing better when it comes to questions on security. I believe when a system is having issues with EDITOR or PAGER, it's already compromised or the user intentionally wants to play evil. At some point we just need to put a stop to the paranoia and move ahead.
from nnn.
Another link for later reference.
from nnn.
I've got rid of all the system(3) calls (except a harmless one), an activity I wanted to start for sometime now. However, nnn is just around 1 month old and I was more involved in adding new features. Thanks for speeding up the activity. Happy to get rid of the shelluloid crap where my knowledge is admittedly limited.
If you find something else, maybe consider raising a PR?
from nnn.
Related Issues (20)
- NNN does not close Tmux pane on opening a file while preview HOT 5
- Can't batch rename files which names start with dash '-' HOT 6
- mv: unrecognized option '--cp' HOT 2
- Icons does not work when NNN is opened with -C option HOT 5
- preview-tui: mpv HOT 11
- Syntax error with prescribed split-pane script HOT 7
- tabs content colorization is not working (zsh+tmux) HOT 3
- preview-tui does not work with tmux 3.4 HOT 1
- Wrong position of previews in 4K monitor with fractional scaling of 1.5
- Files created with `n`, `f` have incorrect permissions HOT 5
- sort order.... whatever it means.. HOT 2
- preview-tui with wezterm: No FIFO available! ($NNN_FIFO='') HOT 2
- Respect keys regardless of kb language input HOT 4
- Visual Glitch, visual bug, the whole screen breaks, resize does something, redraw does not
- Sorting bug, different behavior for t and ^T HOT 2
- Misleading typo in the wiki HOT 1
- [plugin] file preview panel get stuck when use plugin preview-tui with tmux and bat HOT 1
- Keybind collision when using the colemak patch HOT 5
- malloc: error pointer being freed was not allocated HOT 9
- The first letter of the file is not correct after change dir HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nnn.