# Copyright (C) 2018 Free Software Foundation, Inc.
#
# Copying and distribution of this file, with or without modification,
# in any medium, are permitted without royalty provided the copyright
# notice and this notice are preserved.
. $srcdir/test-lib.sh
require cat
use_local_patch
use_tmpdir
# ==============================================================
# Test for arbitrary command execution found in CVE-2018-0492 patch.
# GNU patch bug report can be found at http://savannah.gnu.org/bugs/index.php?53566
cat > beep.patch <<EOF
--- /dev/null 2018-13-37 13:37:37.000000000 +0100
+++ b/beep.c 2018-13-37 13:38:38.000000000 +0100
1337a
1,112d
!id>~/pwn.lol;beep # 13-21 12:53:21.000000000 +0100
.
EOF
check 'patch < beep.patch; echo "Status: $?"' <<EOF
Apply potentially dangerous ed script? This could allow arbitrary command execution! [n]
Skipping potentially dangerous ed script.
Status: 1
EOF
check 'patch -e; echo "Status: $?"' <<EOF
Apply potentially dangerous ed script? This could allow arbitrary command execution! [n] $PATCH: **** Refusing to apply potentially dangerous ed script.
Status: 2
EOF
Radix cross Linux
The main Radix cross Linux repository contains the build scripts of packages, which have the most complete and common functionality for desktop machines
452 Commits
2 Branches
1 Tag