[3262] in bugtraq
Re: BUG in /bin/bash
daemon@ATHENA.MIT.EDU (Arthur Hyun)
Fri Aug 23 12:30:24 1996
Date: Thu, 22 Aug 1996 23:00:09 -0400
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Arthur Hyun <arthur@support.psi.com>
X-To: David Holland <dholland@hcs.harvard.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: Your message of Thu, 22 Aug 1996 15:35:18 EDT.
<CMM-RU.1.5.840742518.paradox@pegasus.rutgers.edu>
On Thu, 22 Aug 1996 15:35:18 -0400,
Red Barchetta <paradox@pegasus.rutgers.edu> wrote:
+-
|Their test string "bash -c 'ls\377who'" gave this output on my Solaris 2.5
|system:
|
| bash: ls377who: command not found
|
|Can anyone verify that this is really a problem?
+-
try something like this: bash -c `/bin/echo 'ls\0377who'`
\3 == 3, so 'ls\377who' is 8 chars. but "/bin/echo 'ls\0377who'"
turns into 6 chars because the echo interprets \0377 as an
octal escape for a single char.
if you run it under bash, then you need some more quotes to get
the full effect because the top level bash steals the \377:
bash -c "`/bin/echo 'ls\0377who'`"
-arthur
