[Devel] exec_dset with params in URI broken
trmissner at bandwidth.com
Wed Aug 2 05:02:16 CEST 2006
Today I stumbled upon an issue while using exec_dset.
If the R-URI has a parameter in it like the following:
sip:+12125551212 at 188.8.131.52;dt=180 SIP/2.0
When exec_dset sends the R-URI as a command line param to the command
specified when called like:
popen is used to exec a new shell passing
"/usr/local/bin/dostuff.pl sip:+12125551212 at 184.108.40.206;dt=180 SIP/2.0" as
The ; in the RURI is interpreted by the shell as the end of the
This causes the dt=180 portion of the R-URI to be passed directly to the
shell causing an error.
It seems this problem could be exploited by an enterprising hacker.
A solution would be to check the param string for semi-colons and if
found escape them with a backslash ( \ ).
I am working on this code now.
Is this a known issue?
Is there a better solution?