This repository has been archived by the owner on Apr 23, 2024. It is now read-only.

[BUG] Arbitrary code execution via code injection #249

Open
antecrescent opened this issue Jan 4, 2024 · 1 comment

@antecrescent

Describe the bug
https://github.com/TheDarkBug/uwufetch/blob/454b153a2cd09a09ed1ebf4eb2697c386c960381/uwufetch.c#L203-L205
Lines 203 and 205 allow for arbitrary code execution via code injection.

To Reproduce

make
./uwufetch -i "; clear; echo foo"
sh: line 1: viu: command not found
foo
[uwufetch output]
▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇

Expected behavior
Reject or exit because of unsafe user input.

Desktop (please complete the following information):

  • OS: Gentoo Linux
  • Version 2.1

Proposed solution
Call viu directly and handle its exit code instead of relying on sprintf + shell script.

Are you already working on this bug?
No.

@ad-oliviero
Owner

I am rewriting the "rendering" function. I'll keep this in mind.
