[epiphany] EphyWindow: Avoid passing unquoted uri to /bin/sh
- From: Colin Walters <walters src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [epiphany] EphyWindow: Avoid passing unquoted uri to /bin/sh
- Date: Thu, 2 Jan 2014 13:30:21 +0000 (UTC)
commit cb869fae2ea518d3779666f8ee8a1dba9e7d7d92
Author: Colin Walters <walters verbum org>
Date: Mon Oct 21 11:00:51 2013 -0400
EphyWindow: Avoid passing unquoted uri to /bin/sh
While in this case we're probably safe because this code path is
for embedding users and thus aren't going to be subject to code
injection attacks, we're still going to fail if the argument
contains shell metacharacters.
Fix that by using g_spawn_async() which doesn't go through /bin/sh.
Tested compilation, not at runtime, but should work.
https://bugzilla.gnome.org/show_bug.cgi?id=710570
src/ephy-window.c | 9 ++++-----
1 files changed, 4 insertions(+), 5 deletions(-)
---
diff --git a/src/ephy-window.c b/src/ephy-window.c
index ebb439b..d650296 100644
--- a/src/ephy-window.c
+++ b/src/ephy-window.c
@@ -2152,13 +2152,14 @@ decide_policy_cb (WebKitWebView *web_view,
}
else
{
- char *command_line;
GError *error = NULL;
+ const char *const child_argv[] = {"gvfs-open", uri, NULL};
return_value = TRUE;
- command_line = g_strdup_printf ("gvfs-open %s", uri);
- g_spawn_command_line_async (command_line, &error);
+ g_spawn_async (NULL, (char**)child_argv, NULL,
+ G_SPAWN_SEARCH_PATH, NULL, NULL, NULL,
+ &error);
if (error)
{
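Review bot: In the child_argv initializer, uri sits directly after "gvfs-open" with nothing marking the end of options, so a uri beginning with "-" would reach the child as an option rather than as a location. Consider checking that uri carries a scheme before spawning, or placing "--" ahead of it if gvfs-open honours that convention. Separately, the (char**) cast on child_argv discards the const qualifiers declared one line above; a brief comment that g_spawn_async does not modify argv would justify it.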
@@ -2166,8 +2167,6 @@ decide_policy_cb (WebKitWebView *web_view,
g_error_free (error);
}
- g_free (command_line);
-
webkit_policy_decision_ignore (decision);
}
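Review bot: webkit_policy_decision_ignore (decision) is reached whether or not the spawn succeeded, so when g_spawn_async sets error the navigation is dropped with only whatever the if (error) block reports. Since the commit message says this was compiled but not run, it is worth exercising that path once (for example with gvfs-open absent from PATH, which G_SPAWN_SEARCH_PATH now depends on) and confirming the failure is surfaced usefully before merging.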