/ sudo Public
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse the repository at this point in the history
Fix potential buffer overflow when unescaping backslashes in user_args.
Also, do not try to unescaping backslashes unless in run mode *and* we are running the command via a shell. Found by Qualys, this fixes CVE-2021-3156.
- Loading branch information
Showing 1 changed file with 18 additions and 5 deletions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
last one! #cs4239rocks!