Uploaded image for project: 'TEST Defect Tracking Project'
  1. TEST Defect Tracking Project
  2. TEST-1282

In POSIX Sh, Echo Flags Are Not Supported.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • None
    • False
    • None
    • False

      Title: In POSIX Sh, Echo Flags Are Not Supported.

      Defect Dojo link: https://defectdojo.prodsec.redhat.com/finding/3231 (3231)

      Severity: High

      Due Date: May 21, 2022

      CWE: CWE-475

      CVE: Unknown

      Product/Engagement/Test: rhel-7/gzip / gzip-1.5-11.el7_9 / OSH-SCAN (csmock Scan (SARIF))

      Source File: /usr/bin/zmore

      Source Line: 39

      Description:
      *Result message:* In POSIX sh, echo flags are not supported.
      *Snippet:*
      ```Problem detected in this context:
      37| Report bugs to <bug-gzip@gnu.org>."
      38|
      39|-> if test "`echo -n a`" = "-n a"; then
      40| # looks like a SysV system:
      41| n1=''; n2='\c'```
      *Rule name:* SC2039
      *Code flow:*
      1. /usr/bin/zmore:L39:C16
      In POSIX sh, echo flags are not supported.

      Reporter: Scan Results Collector SA (scan-results-collector-importer-sa) ()

              Unassigned Unassigned
              defectdojo-prodsec Defect Dojo (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: