[Bug 14241] uudecode doesn't recognise the special decode_pathname /dev/stdout
bugzilla at busybox.net
bugzilla at busybox.net
Wed Sep 29 03:58:30 UTC 2021
https://bugs.busybox.net/show_bug.cgi?id=14241
Christoph Anton Mitterer <calestyo at scientia.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |major
--- Comment #3 from Christoph Anton Mitterer <calestyo at scientia.net> ---
I've attached a patch, which should fix the issue (but someone with more
knowledge on busybox should double check ;-) ).
Also it updates docs/posix_conformance.txt because uudecode clearly has -o, but
I'm not sure whether it's POSIX-compliant or not (that would also require
things like file permission bits restoration and so, I guess).
I've also increased severity, cause I think such a bug could at least
potentially have security implications (imagine a user wants to make sure data
is written to stdout and uses -o /dev/stdout for that) but in fact the data
(which may be confidential) is written to a fresh file /dev/stdout, where
everyone can read it.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the busybox-cvs
mailing list