patch 2

함수

취약점

command injection

배경지식

system() and execve() work in different ways. system() will always invoke the shell and this shell will execute the command as a separate process (this is why you can use wildcards and other shell facilities in the command line when using system()).
execve() (and the other functions in the exec() family) replaces the current process with the one being spawned directly (the execve() function doesn't return, except in case of failure). In fact system() implementation is supposed to use a sequence of fork(), execve() and wait() calls to perform its function.

patch

REDACTED! NOTHING TO SEE!