7

Command Injection by breaking out from single quotes. Is it possible?

view full story
linux-howto

http://stackoverflow.com – #define BUFSIZE 256 int escape_single_quotes(char *to, char *from, int max) { int l= 0; for (;*from;from++) { switch (*from) { case '\'': if (l>=max-4) return 0; // not enough space for escaped chars! // replace ' with '\'' *(to++)= '\''; *(to++)= '\\'; *(to++)= '\''; l += 3; default: if (l>=max-1) return 0; // not enough space for this char! *(to++)= *from; l++; } } *to= 0; return 1; } int main(int argc, char *argv[]) { FILE *fp; char buf[BUFSIZE]; char escaped_name (HowTos)