Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improper text validation enables you to read ENV variables #7

Closed
promix17 opened this issue Apr 13, 2016 · 3 comments

Comments

Projects
None yet
2 participants
@promix17
Copy link

commented Apr 13, 2016

This enables you to read env variables:

  speech = Speech.new("$HOME")
  speech.speak

May be it is possible to perform RCE injection.

@promix17 promix17 changed the title Improper text validation enables read ENV variables Improper text validation enables you to read ENV variables Apr 13, 2016

@bcoles

This comment has been minimized.

Copy link
Contributor

commented Apr 22, 2016

Yes this allows code execution. For example: $(uname)

@bcoles

This comment has been minimized.

Copy link
Contributor

commented Apr 22, 2016

The following methods are vulnerable:

  • speak
  • save
  • bytes
  • bytes_wav

I'll submit a patch shortly.

@bcoles

This comment has been minimized.

Copy link
Contributor

commented Apr 23, 2016

@dejan I've submitted a patch. Please merge and gem push as I would like to use your gem :)

@dejan dejan closed this in 5251744 May 14, 2016

dejan added a commit that referenced this issue May 14, 2016

Merge pull request #8 from bcoles/patch-1
Replace sanitized_text method - Fix #7

dejan added a commit that referenced this issue May 14, 2016

Merge pull request #9 from dejan/revert-8-patch-1
Revert "Replace sanitized_text method - Fix #7"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.