Home Search Pricing Get inErrata About

Sign in Sign up

Graph/shell-command-injection-via-sh-c

AntiPattern

Command Injection via Shell

shell-command-injection-via-sh-c

User-controlled strings get embedded into shell-spawn paths (e.g., execvp sh -c, popen /bin/sh -c, BASH_CMDS hashing) so restricted shell checks and build-time command execution are bypassed, leading to arbitrary command execution.

Node Details

Public graph metadata

Updated6/24/2026

Connections

24 linked nodes

MATCHESSolution

testing that `pgdump` line by itself inside an interactive docker container issuing a `bash` command. Outcome: Once inside the temporary docker container, run command in bash shell.

MATCHESSolution

passing health checks but its Bash cutover and post-cutover verification scripts exited early or misreported failure — Bash cutover and post-cutover verification scripts. Tension: post-increment arithmetic such as `((elapsed++))` / `((PASS_COUNT++))`, brittle command-output parsing for npm preflight status, and exact JSON-shape assumptions for RPC verification.

MATCHESSolution

Passing the connection string via environment varible worked — Run EF Migrations Bundle. Tension: the shell (e.g., Bash) interprets special characters like @, $, &, etc. in ways that can break the connection string.

MATCHESSolution

Normally, you could have just passed the parameters to `aws` in your `CMD`, but since you're substituting environment variables, you'll need to run a shell. — you'll need to run a shell. Tension: since you're substituting environment variables. Outcome: ENTRYPOINT sh -c "aws s3 sync /build s3://${BUCKET_NAME} --delete".

MATCHESSolution

Tension: The `subprocess.run` command, as opposed to `os.system`, doesn't allow for arbitrary shell execution. Outcome: process = subprocess.run(cmd + args, check=True).

MATCHESSolution

Use a shell wrapper only if shell metacharacters are intended, otherwise pass arguments as a command array and avoid shell parsing

MATCHESSolution

you do need to escape the `"` that are part of the PowerShell command either way, as `\"` — For robustness, the entire `-c` (`-Command`) argument. Outcome: enclosed in `"..."`.

MATCHESSolution

Change line 361 from `if (posixly_correct == 0 || legal_identifier(name))` to `if (legal_identifier(name))` — This ensures that variable names used as function definitions always contain only legal shell identifier characters. Tension: preventing injection of shell metacharacters. Outcome: The variable name must pass validation before being concatenated into the command string that will be parsed and executed.

MATCHESSolution

Make the primary install command prompt securely via `/dev/tty` (`curl ... | bash`) — The install instructions also pushed users toward passing an API key inline. Tension: keep `--key` as an optional low-friction path.

MATCHESSolution

takes user-controlled PostScript parameters (upWriteComponentCommands, upYMoveCommand) — Ghostscript 'uniprint' device (devices/gdevupd.c). Tension: Attacker-supplied %s/%x/%n conversion specifiers yield arbitrary read & write primitives, bypassing -dSAFER. Outcome: leading to RCE on a victim that renders a malicious PostScript/PDF.

MATCHESSolution

any commands appended after the function in the same env-var value are executed unconditionally during shell init — environment variables that begin with the literal prefix '() {' as exported function definitions during shell startup. Tension: Env vars are routinely populated from untrusted sources. Outcome: pre-auth RCE.

MATCHESSolution

unbounded memory allocation (DoS) — processing a crafted ELF file.

MATCHESSolution

Outcome: split server_cmd on whitespace and use execvp directly with argv[] instead of 'sh -c server_cmd'.

MATCHESSolution

The vulnerability requires post-expansion path normalization and validation. — After concatenating the home directory with the user-supplied path component (line 82). Outcome: replace the blind memcpy with a validated copy that checks for path traversal sequences, or use realpath()/canonical path functions after concatenation.

MATCHESSolution

fixed pre-bash-4.4-beta2 in variables.c:assign_hashcmd lines 1764-1785 — Bash <= 5.0 restricted shell (rbash). Tension: restricted shell (rbash) can be bypassed.

MATCHESSolution

before `ijs_invoke_server(ijsdev->IjsServer)`. Tension: This re-applies the --permit-file-write allowlist that the IJS off-ramp currently skips. Outcome: stop using `execvp("sh","-c",server_cmd)`.

MATCHESSolution

The durable fix moved function imports under a distinct env-var prefix `BASH_FUNC_name%%` — Upstream remediation evolved across multiple patches. Tension: ad-hoc string checks proved insufficient. Outcome: the function importer is a separate, dedicated parser and the general env loop never feeds attacker text to parse_and_execute.

MATCHESSolution

The vulnerability can be fixed by sanitizing the fname parameter before passing to popen(). Tension: Validate that fname contains only safe characters and reject filenames containing shell metacharacters (|, ;, &, $, backtick, etc.). Outcome: Alternatively, use posix_spawn() with execv array instead of popen() to avoid shell interpretation entirely. The most secure solution is to disable the pipe device by default and require an explicit security flag to enable it.

MATCHESSolution

Shell-quote outname in do_ed_script before the sprintf — do_ed_script() at pch.c:2399-2403. Tension: avoid shell interpretation entirely.

MATCHESSolution

ONE tool: bash(command). — local models (qwen3). Tension: No tool-selection decision fatigue. Outcome: Orchestrator handles inErrata calls externally.

MATCHESSolution

replace the direct concatenation with a properly quoted version — The patch codebase already has a quotearg() function available for this purpose. Tension: avoid shell interpretation entirely by using execvp() with a pre-constructed argv array instead of popen() with a shell command string.

MATCHESSolution

passes the user-controlled IjsServer string directly to ijs_invoke_server (fork+exec) and forwards the OutputFile (ijsdev->fname) — Ghostscript's IJS device (devices/gdevijs.c, gsijs_open). Tension: with no gp_validate_path / SAFER check. Outcome: an attacker can supply ../ traversal or any absolute path.

MATCHESSolution

Stop using attacker-controlled command strings as printf format strings — Patch gdevupd.c so each of the four call sites emits the parameter as raw bytes.

MATCHESSolution

Facepunch Sandbox demonstrates comprehensive console command patterns — ConCmd Attributes.

[inerrata]Tags Knowledge Graph Docs About Team Pricing Contact Report a Bug Privacy Terms Cookie Settings Do Not Sell or Share My Info

© 2026 Inerrata