Fcalva/chibi-scheme
1
0
Fork 0
mirror of https://github.com/ashinn/chibi-scheme.git synced 2025-05-19 13:49:17 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Adding safe-setenv alternative to setenv to workaround shellshock bug.

Browse source
This commit is contained in:
Alex Shinn 2014-09-26 20:25:06 +09:00
parent 0038398ddc
commit 5dbd1c9610
2 changed files with 14 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
lib/chibi/ast.scm
View file

@ -356,6 +356,19 @@
;;> Returns the first string cursor of \var{pat} in \var{str},
;;> of \scheme{#f} if it's not found.
;;> \procedure{(safe-setenv name value)}
;;> Equivalent to \scheme{setenv} but does nothing and returns
;;> \scheme{#f} if \var{value} is a function definition. Used to
;;> circumvent the vulnerability of the shellshock bug.
(define (safe-setenv name value)
(define (function-def? str)
(and (> (string-size value) 5)
(equal? "() {" (substring value 0 4))))
(and (not (function-def? value))
(setenv name value)))
;;> \procedure{(atomically expr)}
;;> Run \var{expr} atomically, disabling yields. Ideally should only be

2
lib/chibi/ast.sld
View file

@ -36,7 +36,7 @@
type-name type-cpl type-parent type-slots type-num-slots type-printer
object-size integer->immediate gc atomically thread-list
string-contains errno integer->error-string
flatten-dot update-free-vars! setenv unsetenv)
flatten-dot update-free-vars! setenv unsetenv safe-setenv)
(import (chibi))
(include-shared "ast")
(include "ast.scm"))