Skip to content

Commit e6e5813

Browse files
committed
[Interp] CVE-2022-30688: Anchor interpreter regex to prevent local privilege escalation (reported by Jakub Wilk).
1 parent f54d85c commit e6e5813

File tree

3 files changed

+3
-3
lines changed

3 files changed

+3
-3
lines changed

Diff for: perl/lib/NeedRestart/Interp/Perl.pm

+1-1
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,7 @@ sub isa {
4343
my $pid = shift;
4444
my $bin = shift;
4545

46-
return 1 if($bin =~ m@/usr/(local/)?bin/perl@);
46+
return 1 if($bin =~ m@^/usr/(local/)?bin/perl(5[.\d]*)?$@);
4747

4848
return 0;
4949
}

Diff for: perl/lib/NeedRestart/Interp/Python.pm

+1-1
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ sub isa {
4242
my $pid = shift;
4343
my $bin = shift;
4444

45-
return 1 if($bin =~ m@/usr/(local/)?bin/python@);
45+
return 1 if($bin =~ m@^/usr/(local/)?bin/python([23][.\d]*)?$@);
4646

4747
return 0;
4848
}

Diff for: perl/lib/NeedRestart/Interp/Ruby.pm

+1-1
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ sub isa {
4242
my $pid = shift;
4343
my $bin = shift;
4444

45-
return 1 if($bin =~ m@/usr/(local/)?bin/ruby@);
45+
return 1 if($bin =~ m@^/usr/(local/)?bin/ruby$@);
4646

4747
return 0;
4848
}

0 commit comments

Comments
 (0)