"too short arguments" error

Bug #1934698 reported by Bill Yikes
Affects: firejail (Ubuntu)
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned

Bug Description

This command results in "Error: too short arguments":

$ firejail pastebinit -a '' -b paste.debian.net -i - <<< "hello world"

Even if a "--" parameter terminator is used to prevent firejail from treating a non-firejail argument as a firejail argument like this:

$ firejail -- pastebinit -a '' -b paste.debian.net -i - <<< "hello world"

it still results in "Error: too short arguments". The offending code is here:

https://github.com/netblue30/firejail/blob/master/src/firejail/main.c#L1028

It's of course overstepping for firejail to impose requirements on args passed to other applications. In the example at hand, the "-a ''" ensures that the author of a pastebin remains unnamed in the event that pastebinit would decide to default to something like $(whoami).

This bug triggers in firejail version 0.9.64.4.
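The behaviour reported above, as an added example that is not firejail's code and not the upstream fix: a strict per-element check that rejects the reported command line, next to a relaxed one that lets the wrapped program receive empty arguments. `MAX_ARG_LEN`, the function names and the rule that the program name itself must be non-empty are assumptions of this sketch.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ARG_LEN 4096 /* assumed bound for this sketch, not taken from the page */

enum verdict { ARG_OK, ARG_TOO_SHORT, ARG_TOO_LONG };

/* Index of the wrapped program's name: the element after "--" if present,
 * otherwise the first element that does not start with '-'. */
int command_start(int argc, char *const argv[]) {
    for (int i = 1; i < argc; i++) {
        if (strcmp(argv[i], "--") == 0) return i + 1;
        if (argv[i][0] != '-') return i;
    }
    return argc;
}

/* Strict check: every element must be non-empty, which produces the
 * rejection described in the report. */
enum verdict check_strict(int argc, char *const argv[]) {
    for (int i = 0; i < argc; i++) {
        if (argv[i][0] == '\0') return ARG_TOO_SHORT;
        if (strlen(argv[i]) >= MAX_ARG_LEN) return ARG_TOO_LONG;
    }
    return ARG_OK;
}

/* Relaxed check: the wrapper's own options and the program name must be
 * non-empty; the program's arguments may be empty. The length bound stays. */
enum verdict check_relaxed(int argc, char *const argv[]) {
    int cmd = command_start(argc, argv);
    for (int i = 0; i < argc; i++) {
        if (i <= cmd && argv[i][0] == '\0') return ARG_TOO_SHORT;
        if (strlen(argv[i]) >= MAX_ARG_LEN) return ARG_TOO_LONG;
    }
    return ARG_OK;
}

int main(void) {
    /* argv of the second command line in the report */
    char *argv[] = { "firejail", "--", "pastebinit", "-a", "", "-b",
                     "paste.debian.net", "-i", "-" };
    int argc = (int)(sizeof argv / sizeof argv[0]);
    printf("strict=%d relaxed=%d\n", check_strict(argc, argv), check_relaxed(argc, argv));
    return 0;
}
```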

Reiner Herrmann (deki) wrote :

Thanks for the report. I have forwarded it upstream: https://github.com/netblue30/firejail/issues/4395

Changed in firejail (Ubuntu):
status: New → Confirmed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package firejail - 0.9.70-1ubuntu1

---------------
firejail (0.9.70-1ubuntu1) kinetic; urgency=medium

  * Merge with Debian unstable. (LP: #1979358)
    Remaining changes:
    - When running autopkgtests, do not attempt to install firefox on
      architectures where it isn't built any longer (LP #1965314)
      - debian/tests/control

firejail (0.9.70-1) unstable; urgency=medium

  * New upstream release.
    - fix sound playback in chromium (Closes: #1003650)
  * Drop patches applied upstream.
  * Enable new IDS feature during build.
  * Mark nvm.profile as removed.
  * Extend lintian-override match to include profstats.
  * Move profiles tests back from smoke- to simple-tests, as they
    are too environment dependent.
  * Add procps to test dependencies.

firejail (0.9.68-4) unstable; urgency=high

  * Fix local root exploit reachable via --join logic. (CVE-2022-31214)
    (Closes: #1012510)

firejail (0.9.68-3) unstable; urgency=medium

  * Fix hyperrogue profile, which causes autopkgtest failure in Ubuntu CI.

firejail (0.9.68-2) unstable; urgency=medium

  * Add file to test dependencies.

firejail (0.9.68-1) unstable; urgency=medium

  * New upstream release.
  * Remove hostnames conffile, which has been renamed and moved to libdir.
  * Add a superficial autopkgtest that should run stable, but can
    catch breakage.

firejail (0.9.68~rc1-1) experimental; urgency=medium

  * New upstream release candidate.
    - fix telegram-desktop profile (Closes: #1002998)
    - allow webext directory in chromium profile (Closes: #1003234)
    - blacklist rxvt when perl is blacklisted (Closes: #1003259)
    - don't reject empty arguments (LP: #1934698)
  * Rename lintian tag in override: setuid-binary -> elevated-privileges.
  * Add lintian overrides for non-standard-executable-perm and
    executable-in-usr-lib.
  * Install new .config files.
  * Remove conffile: disable-passwdmgr.inc.
  * Document new copyright.
  * Bump Standards-Version to 4.6.0.
  * Bump copyright years to 2022.

 -- Paride Legovini <email address hidden> Wed, 22 Jun 2022 19:53:11 +0200

Changed in firejail (Ubuntu):
status: Confirmed → Fix Released