Potentially harmful printing of binary Exif metadata to the terminal
Mat2 prints the raw binary values of Exif metadata fields to the terminal unfiltered (
Depending on the terminal emulator in use, these bytes can be interpreted as escape sequences that alter the terminal's settings or, for sequences the emulator answers by writing a reply back onto its own input, lead to command execution, because the shell reads that reply as if the user had typed it (Reference: https://security.stackexchange.com/questions/56307/can-cat-ing-a-file-be-a-potential-security-risk).
Exploit (Code Execution):
In rxvt-unicode (urxvt) 9.22, showing the metadata of a JPEG whose Exif Comment field contains an escape sequence (rendered below as ^[G0, where ^[ is the ESC byte, 0x1b) with mat2 --show results in the following:

  [user:/tmp] % mat2 --show Binary_data_in_Exif_Comment.jpg
  [+] Metadata for Binary_data_in_Exif_Comment.jpg:
    Comment: ^[G0
  [user:/tmp] % 0
  bash: command not found: 0
In this case no binary named 0 exists on the system, so the shell only reports that the command was not found; had such a binary existed, it would have been executed without any user interaction. The "0" is never typed by the user: the terminal interprets the escape sequence that mat2 printed, writes its reply back on the shell's input line, and the shell runs it as a command.
Recommendation:
Filter or replace all non-printable characters (C0 and C1 control characters including ESC, and Unicode format characters) in every metadata key and value before printing it to the terminal.
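The following is an added example of such a filter, written for this report and not taken from mat2 itself. It escapes every code point in a Unicode "C" category (controls including ESC and the one-byte C1 CSI, bidi format characters, surrogates, private-use and unassigned code points) so that no terminal escape sequence survives, and it accepts both str and bytes because the value may arrive as undecodable raw binary. The output layout of format_metadata() only mimics the transcript above; that layout and the function names are assumptions, not mat2's own code.

```python
import unicodedata


def sanitize_for_terminal(value) -> str:
    """Return a representation of a metadata value that is safe to print.

    Every code point whose Unicode category starts with 'C' is replaced by a
    visible escape (\\x1b, \\u202e, ...):
      Cc  C0/C1 controls: ESC (0x1b) starts terminal escape sequences and
          CSI (0x9b) starts them in a single byte
      Cf  format characters such as bidi overrides that reorder displayed text
      Cs  lone surrogates (e.g. from errors='surrogateescape' decoding)
      Co  private-use code points
      Cn  unassigned code points
    Tabs and newlines are escaped as well: a newline inside a value would let
    a file forge a complete, innocent-looking output line.
    """
    if isinstance(value, (bytes, bytearray)):
        # A field that is not valid text may be handed over as raw bytes;
        # decode with replacement so no byte reaches the terminal unescaped.
        value = bytes(value).decode("utf-8", errors="replace")
    out = []
    for ch in str(value):
        if unicodedata.category(ch).startswith("C"):
            cp = ord(ch)
            if cp < 0x100:
                out.append("\\x%02x" % cp)
            elif cp < 0x10000:
                out.append("\\u%04x" % cp)
            else:
                out.append("\\U%08x" % cp)
        else:
            out.append(ch)
    return "".join(out)


def format_metadata(filename: str, metadata: dict) -> str:
    """Build the text a `--show` style listing would print, with every
    untrusted string (file name, tag name, tag value) sanitized.
    The layout imitates the transcript in this report (assumption)."""
    lines = ["[+] Metadata for %s:" % sanitize_for_terminal(filename)]
    for key, val in metadata.items():
        lines.append("  %s: %s" % (sanitize_for_terminal(key),
                                   sanitize_for_terminal(val)))
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed sample: an ESC-prefixed sequence like the one in this
    # report, plus an OSC window-title sequence carried in raw bytes.
    sample = {
        "Comment": "\x1bG0",
        "Artist": b"\x1b]0;owned\x07" + "Mallory".encode(),
    }
    print(format_metadata("Binary_data_in_Exif_Comment.jpg", sample))
```

Escaping rather than dropping the offending characters keeps the listing honest: a user inspecting a file sees that the Comment field holds \x1bG0 instead of an empty or silently truncated value, which is itself useful evidence when triaging a suspicious file.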
Versions tested:
- MAT2 0.4.0
- perl-image-exiftool 11.11