Last active
December 13, 2019 06:56
-
-
Save jlamendo/145f6579738dc2afb608b8dbf899ae89 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// yes this is vulnerable to command injection, | |
// because if you want to paste bash code to download a linux wannacry port into the llvm_version arg, that's your prerogative. | |
llvm_version=process.argv[2]; | |
exec=require("child_process").exec; | |
var install_script = ` | |
sudo apt-get update -y && apt-get install -y clang-${llvm_version} libclang${llvm_version}-dev libclang-common-${llvm_version}-dev clang-format-${llvm_version} &&\ | |
sudo update-alternatives --install \ | |
/usr/bin/llvm-config llvm-config /usr/bin/llvm-config-${llvm_version} 200 \ | |
--slave /usr/bin/llvm-ar llvm-ar /usr/bin/llvm-ar-${llvm_version} \ | |
--slave /usr/bin/llvm-as llvm-as /usr/bin/llvm-as-${llvm_version} \ | |
--slave /usr/bin/llvm-bcanalyzer llvm-bcanalyzer /usr/bin/llvm-bcanalyzer-${llvm_version} \ | |
--slave /usr/bin/llvm-cov llvm-cov /usr/bin/llvm-cov-${llvm_version} \ | |
--slave /usr/bin/llvm-diff llvm-diff /usr/bin/llvm-diff-${llvm_version} \ | |
--slave /usr/bin/llvm-dis llvm-dis /usr/bin/llvm-dis-${llvm_version} \ | |
--slave /usr/bin/llvm-dwarfdump llvm-dwarfdump /usr/bin/llvm-dwarfdump-${llvm_version} \ | |
--slave /usr/bin/llvm-extract llvm-extract /usr/bin/llvm-extract-${llvm_version} \ | |
--slave /usr/bin/llvm-link llvm-link /usr/bin/llvm-link-${llvm_version} \ | |
--slave /usr/bin/llvm-mc llvm-mc /usr/bin/llvm-mc-${llvm_version} \ | |
--slave /usr/bin/llvm-mcmarkup llvm-mcmarkup /usr/bin/llvm-mcmarkup-${llvm_version} \ | |
--slave /usr/bin/llvm-nm llvm-nm /usr/bin/llvm-nm-${llvm_version} \ | |
--slave /usr/bin/llvm-objdump llvm-objdump /usr/bin/llvm-objdump-${llvm_version} \ | |
--slave /usr/bin/llvm-ranlib llvm-ranlib /usr/bin/llvm-ranlib-${llvm_version} \ | |
--slave /usr/bin/llvm-readobj llvm-readobj /usr/bin/llvm-readobj-${llvm_version} \ | |
--slave /usr/bin/llvm-rtdyld llvm-rtdyld /usr/bin/llvm-rtdyld-${llvm_version} \ | |
--slave /usr/bin/llvm-size llvm-size /usr/bin/llvm-size-${llvm_version} \ | |
--slave /usr/bin/llvm-stress llvm-stress /usr/bin/llvm-stress-${llvm_version} \ | |
--slave /usr/bin/llvm-symbolizer llvm-symbolizer /usr/bin/llvm-symbolizer-${llvm_version} \ | |
--slave /usr/bin/llvm-tblgen llvm-tblgen /usr/bin/llvm-tblgen-${llvm_version} &&\ | |
sudo update-alternatives \ | |
--install /usr/bin/clang clang /usr/bin/clang-${llvm_version} 50 \ | |
--slave /usr/bin/clang++ clang++ /usr/bin/clang++-${llvm_version} \ | |
--slave /usr/bin/lldb lldb /usr/bin/lldb-${llvm_version} \ | |
--slave /usr/bin/lldb-server lldb-server /usr/bin/lldb-server-${llvm_version} | |
` | |
exec(install_script, (error, stdout, stderr) => { | |
if (error) { | |
process.stderr.write(`${error}`); | |
process.exit(); | |
} | |
process.stdout.write(`${stdout}`); | |
process.stderr.write(`stderr: ${stderr}`); | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment