
TCL Alarming OS behaviour

Observer
Posts: 28
Registered: 04-11-2016

Hi all,

 

I notice tcl passes uninterpreted commands to the OS for speculative execution. Given that tcl interprets everything as a command, and that, either as a beginner like me or a hacker trying to conceal intent, it is quite easy, by the misplacement of braces, brackets and quotes, to generate unexpected commands, which, furthermore, might have been pieced together in a somewhat obfuscated way, this seems like a pretty unpleasant security risk. Is there any way to block this behaviour?

 

Both from inside tcl, for my own safety (format is a commonly used command) and from the OS, to prevent attack...

 

Best regards

Geoff



All Replies
Moderator
Posts: 531
Registered: 09-15-2016

Re: TCL Alarming OS behaviour

Hi gmortimer@ferrari.it,

 

I am a bit confused here. Are you talking about the TCL commands in Vivado/ISE?

What execution issue are you facing? What about the security thing?

 

Thanks & Regards,
Prathik

Voyager
Posts: 1,732
Registered: 06-24-2013

Re: TCL Alarming OS behaviour

Hey gmortimer@ferrari.it,

 

for my own safety (format is a commonly used command)

Indeed, but it is also interpreted by TCL as it is a TCL command, so no worries there.

Vivado% format c:
c:

Btw, I'd suggest that you do not run tools like Vivado as privileged user ....

 

Best,

Herbert

-------------- Yes, I do this for fun!
Voyager
Posts: 1,732
Registered: 06-24-2013

Re: TCL Alarming OS behaviour

@prathikm

 

gmortimer@ferrari.it is referring to this:

Vivado% firefox
WARNING: [Common 17-259] Unknown Tcl command 'firefox' sending command to the OS shell for execution. It is recommended to use 'exec' to send the command to the OS shell.

Best,

Herbert

-------------- Yes, I do this for fun!
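The fall-through Herbert shows above is done by Tcl's "unknown" handler. As an added example (not from this thread, and not Vivado's own code), here is how a plain tclsh session can be made to refuse that fall-through so only an explicit "exec" reaches the OS shell. It assumes stock Tcl's init.tcl "unknown" proc; Vivado ships its own handler (warning 17-259), so whether it honours auto_noexec or a user-redefined "unknown" is an assumption to verify in the Vivado console.

```tcl
# Stock Tcl's "unknown" only hands a word to the OS when the session is
# interactive AND the variable auto_noexec does not exist. Defining it is
# the documented off switch (stock Tcl; assumed, not verified, for Vivado).
set auto_noexec 1

# Belt and braces: replace "unknown" so an unresolved word is an error.
# Library auto-loading (auto_load) is kept so normal Tcl procs still work;
# anything else is refused and logged instead of being passed to a shell.
proc unknown {args} {
    set cmd [lindex $args 0]
    if {[auto_load $cmd]} {
        ;# proc was found in a tclIndex and loaded: run the original call
        return [uplevel 1 $args]
    }
    puts stderr "AUDIT: refused unknown command '$cmd'"
    error "unknown command '$cmd' (use exec explicitly to run a program)"
}

# Demonstration: a stray word that is not a Tcl command now errors
# instead of being executed by the operating system.
if {[catch {firefox} msg]} {
    puts "blocked: $msg"
}

# Deliberate use is still possible, and now visible as such in the script.
puts [exec echo "explicit exec is fine"]
```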
Observer
Posts: 28
Registered: 04-11-2016

Re: TCL Alarming OS behaviour

Hi Herbert

 

I notice it's recommended to use exec. My opinion is it should be mandatory! Tcl is handy and powerful, I've been using it for two days and already constructed a complete IP GUI with it, with a lot of help, obviously, from observation of Vivado code execution in the console and reference to internet sages. It is possible to make it all look very clean, clear and structured. But underlying are all the usual freedoms of string-processing languages, quite anarchic, practically no rules. Can be made to look and behave like anything you wish. A hacker's paradise :-).

 

A question you may be able to help with:

 

set i 3
3
set [format {wxyq%u} $i] $i
3
info vars *wxyq*
wxyq3
set [format { wxyq3 } $i] $i
3
info vars *wxyq*
{ wxyq3 } wxyq3

 

The inclusion of spaces seems to make a serious difference to the outcome. This will certainly baffle those coming from other programming disciplines, wide open spaces in expressions being good form. It certainly caught me out. Can you explain what's happening here?

 

All the best

Geoff

 

Cheers

Geoff

Voyager
Posts: 1,732
Registered: 06-24-2013

Re: TCL Alarming OS behaviour

Hey gmortimer@ferrari.it,

 

The inclusion of spaces seems to make a serious difference to the outcome. This will certainly baffle those coming from other programming disciplines, wide open spaces in expressions being good form. It certainly caught me out.

Yeah, it gets even weirder in combination with [] and ""  ;-)

 

Can you explain what's happening here?

In TCL there are two ways to group words, one is with double quotes ("") and the other is with braces ({}). The double quotes allow substitutions while the braces disable them, so whatever you put into a grouping started with a brace, it will be used literally (there is a single exception, the line continuation).

 

So when you write {<space>xy<space>} then the two spaces become part of the grouping. Besides normal variables you can also have ${<char-seq>} variables where <char-seq> is any character except the closing brace ...

 

Your last example is such a variable and puts ${<space>wxyq3<space>} will happily output 3.

It's a weird language, but it has strict rules ... or so they say 8^)

 

Hope this clarifies,

Herbert

-------------- Yes, I do this for fun!
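Herbert's explanation of brace grouping, worked through in a stand-alone tclsh session as an added example (not code from the thread): the spaces inside { wxyq3 } become part of the variable name, and a small whitelist proc is shown as the defensive habit for names built from untrimmed strings (the proc safe_name is my own, not a Tcl built-in).

```tcl
set i 3

# Braces disable substitution, so format sees the literal "wxyq%u" and
# the variable created is "wxyq3".
set [format {wxyq%u} $i] $i

# With { wxyq3 } the two spaces are part of the word, so the variable NAME
# is " wxyq3 " (7 characters). There is no %u, so the $i argument is unused.
set [format { wxyq3 } $i] $i

# Both variables now exist side by side; Tcl list-quotes the odd name.
puts [info vars *wxyq*]      ;# { wxyq3 } wxyq3

# Reading the odd one back needs the ${...} form (or a braced word to set).
puts ${ wxyq3 }              ;# 3
puts [set { wxyq3 }]         ;# 3

# The same pitfall with double quotes: substitution happens, spaces stay.
set name " wxyq3 "
puts [string length $name]   ;# 7

# Defensive habit: trim and whitelist before using a string as a name.
proc safe_name {raw} {
    set n [string trim $raw]
    if {![regexp {^[A-Za-z_][A-Za-z0-9_]*$} $n]} {
        error "refusing variable name '$raw'"
    }
    return $n
}
set [safe_name { wxyq3 }] 42          ;# sets the plain wxyq3, not " wxyq3 "
puts $wxyq3                           ;# 42
if {[catch {safe_name {a b; c}} msg]} {
    puts $msg                         ;# refusing variable name 'a b; c'
}
```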
Observer
Posts: 28
Registered: 04-11-2016

Re: TCL Alarming OS behaviour

Thank you for your time, Herbert, much appreciated by a beginner!

 

The fog is clearing a little, there being evidence, however, in the spectacular manner in which our beloved tool is known to crash, that this fog never clears completely :-))

 

Best regards,

Geoff.

Voyager
Posts: 1,732
Registered: 06-24-2013

Re: TCL Alarming OS behaviour

You're very welcome!

 

All the best,

Herbert

-------------- Yes, I do this for fun!
Moderator
Posts: 531
Registered: 09-15-2016

Re: TCL Alarming OS behaviour

Thank you @hpoetzl

 

Best regards,

Prathik