Browse Source

Security: remove support for $(...) in KRun which could have allowed

execution of malicious code. This is similar to issue #45 for .desktop
files.

Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
pull/74/head
Michele Calgaro 7 months ago
parent
commit
8b8f5064f7
Signed by: MicheleC GPG Key ID: 2A75B7CA8ADED5CF
1 changed files with 1 additions and 20 deletions
  1. +1
    -20
      tdeio/tdeio/krun.cpp

+ 1
- 20
tdeio/tdeio/krun.cpp View File

@@ -931,26 +931,7 @@ void KRun::init()

while( nDollarPos != -1 && nDollarPos+1 < static_cast<int>(aValue.length())) {
// there is at least one $
if( (aValue)[nDollarPos+1] == '(' ) {
uint nEndPos = nDollarPos+1;
// the next character is no $
while ( (nEndPos <= aValue.length()) && (aValue[nEndPos]!=')') )
nEndPos++;
nEndPos++;
TQString cmd = aValue.mid( nDollarPos+2, nEndPos-nDollarPos-3 );

TQString result;
FILE *fs = popen(TQFile::encodeName(cmd).data(), "r");
if (fs)
{
{
TQTextStream ts(fs, IO_ReadOnly);
result = ts.read().stripWhiteSpace();
}
pclose(fs);
}
aValue.replace( nDollarPos, nEndPos-nDollarPos, result );
} else if( (aValue)[nDollarPos+1] != '$' ) {
if( (aValue)[nDollarPos+1] != '$' ) {
uint nEndPos = nDollarPos+1;
// the next character is no $
TQString aVarName;


Loading…
Cancel
Save