glib r7892 - trunk/gio



Author: alexl
Date: Fri Feb 20 07:46:57 2009
New Revision: 7892
URL: http://svn.gnome.org/viewvc/glib?rev=7892&view=rev

Log:
2009-02-20  Alexander Larsson  <alexl redhat com>

        * gcontenttype.c:
        (g_content_type_guess):
        Don't ever sniff desktop files when the filename is known.
        In other words, only allow desktop files with the .desktop extension
        and when the filename isn't known.
        This is a security precaution since desktop files can execute
        arbitrary code when launched and we don't want to allow them to
        try and hide as another type. There is no legit reason to not
        have the .desktop extension anyway.
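The precedence the log entry describes (a sniffed desktop type is only trusted when no filename is known; a known filename must carry the .desktop extension), as an added example that models the policy in standalone C. This is not glib's code: `model_guess`, `sniff_data` and `match_name` are hypothetical stand-ins for g_content_type_guess(), the xdg_mime data sniffer and the glob lookup, the magic string and the sample payload are constructed here, and the assumption that a name match takes precedence over the demoted sniff result is the model's, not something the log entry states.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not glib code: a model of the type-guessing precedence
 * after r7892. All helper names and the magic string are assumptions. */

#define DESKTOP_MAGIC "[Desktop Entry]"

/* Stand-in for the xdg_mime data sniffer; only two outcomes matter here. */
static const char *
sniff_data (const char *data, size_t len)
{
  size_t n = strlen (DESKTOP_MAGIC);

  if (data == NULL || len == 0)
    return NULL;
  if (len >= n && memcmp (data, DESKTOP_MAGIC, n) == 0)
    return "application/x-desktop";
  /* Model simplification: anything else is treated as plain text. */
  return "text/plain";
}

/* Stand-in for the extension/glob lookup; only .desktop matters here. */
static const char *
match_name (const char *filename)
{
  size_t n;

  if (filename == NULL)
    return NULL;
  n = strlen (filename);
  if (n > 8 && strcmp (filename + n - 8, ".desktop") == 0)
    return "application/x-desktop";
  return NULL;
}

const char *
model_guess (const char *filename, const char *data, size_t len)
{
  const char *sniffed = sniff_data (data, len);
  const char *by_name = match_name (filename);

  /* The r7892 rule: once a filename is known, a sniffed desktop type is
   * never trusted and is demoted to plain text (NULL-guarded here). */
  if (filename != NULL && sniffed != NULL
      && strcmp (sniffed, "application/x-desktop") == 0)
    sniffed = "text/plain";

  /* Assumption of this model: a name match wins over the sniff result,
   * which is what lets "foo.desktop" still come out as a desktop file. */
  if (by_name != NULL)
    return by_name;
  if (sniffed != NULL)
    return sniffed;
  return "application/octet-stream";
}

/* Convenience wrapper for NUL-terminated sample data. */
const char *
model_guess_str (const char *filename, const char *text)
{
  return model_guess (filename, text, text ? strlen (text) : 0);
}

int
main (void)
{
  /* Constructed sample: a desktop entry that would run a shell command. */
  const char *payload = "[Desktop Entry]\nType=Application\nExec=sh -c 'echo hi'\n";

  printf ("notes.txt        -> %s\n", model_guess_str ("notes.txt", payload));
  printf ("launcher.desktop -> %s\n", model_guess_str ("launcher.desktop", payload));
  printf ("(no filename)    -> %s\n", model_guess_str (NULL, payload));
  return 0;
}
```

The first case is the one the change is about: desktop-entry content under an innocuous name no longer reports as application/x-desktop, so a launcher that dispatches on the guessed type will not execute it.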




Modified:
   trunk/gio/ChangeLog
   trunk/gio/gcontenttype.c

Modified: trunk/gio/gcontenttype.c
==============================================================================
--- trunk/gio/gcontenttype.c	(original)
+++ trunk/gio/gcontenttype.c	Fri Feb 20 07:46:57 2009
@@ -933,6 +933,16 @@
 	  data &&
 	  looks_like_text (data, data_size))
 	sniffed_mimetype = "text/plain";
+
+      /* For security reasons we don't ever want to sniff desktop files
+       * where we know the filename and it doesn't have a .desktop extension.
+       * This is because desktop files allow executing any application and
+       * we don't want to make it possible to hide them looking like something
+       * else.
+       */
+      if (filename != NULL &&
+          strcmp (sniffed_mimetype, "application/x-desktop") == 0)
+        sniffed_mimetype = "text/plain";
     }
   
   if (n_name_mimetypes == 0)
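Review bot: the new comment says the demotion applies "where we know the filename and it doesn't have a .desktop extension", but the condition only tests `filename != NULL`, so a file named foo.desktop also has its sniffed type replaced with "text/plain" here; the .desktop case can only survive through the name-based result handled after `if (n_name_mimetypes == 0)`. Suggest wording the comment that way ("whenever the filename is known; the .desktop extension is matched by name instead") so the next reader does not look for an extension check that is not there. Separately, `strcmp (sniffed_mimetype, "application/x-desktop")` dereferences `sniffed_mimetype` unconditionally; the hunk's context does not show its initialisation, so either confirm it is always non-NULL at this point or use g_strcmp0 to be safe.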